Ariel VIVES wrote:
You're trying to use radius for something it's not really intended for. You'd be better off querying that information from a real directory service, like LDAP, or NIS, if you want it quicker and nastier.Yes, and my accounts are under NIS. But i want to authenticate my users using freeradius. and it works... so it isn't possible to get additional informations with freeradius by using a shell script or with adding specific attribute ?
You can specify any attribute you like in the reply, and provided your client (the PHP app?) can access it, do whatever you want with it.
If you have an IANA enterprise number you can do this: cat >/usr/share/freeradius/dictionary.MyOrg <<EOF VENDOR MyOrg MyOrgNumber ATTRIBUTE MyOrgFullName 1 string MyOrg ATTRIBUTE MyOrgHomeDir 2 string MyOrg EOF ...then in /etc/raddb/users: joe User-Password := "joespass" MyOrgFullName = "Joe Bloggs", MyOrgHomeDir = "/home/joe"If you don't have an IANA number, you will need to search the dictionaries for existing attributes you can use - see for example "dictionary.ntua"
Does this answer your question?