Freeradius-Users Digest, Vol 55, Issue 113

tnt at kalik.net tnt at kalik.net
Wed Nov 25 20:31:27 CET 2009


>> You *can* have multiple entries (rows) for each user. You don't have to
>> cram everything into a single row.
>
> Okay, but I don´t think it makes any sense that you have multiple inputs
> of the same user in a table?

It doesn't make sense - to you. Everybody else is quite OK with that. You
evidently don't know much about databases: relations can be one to one,
one to many, many to many, ... Find a book and learn something about
things before you express views about what does and what doesn't make
sense.

> Say for example that you have like 200 different users and every user have
> to have like 3 different attributes. The table would get extremly large.

Please! What you are describing is laughably small.

>  What I want to do is to through MySQL link a user to a specific group and
> in that way start up the segmentation. So depending on what group you are
> a member in you get into different VLANs etc. That´s why I hoped that I
> could use "radusergroup" to link a user to a group and then in
> "radgroupcheck" add group specific attributes like NAS-Port-Id´s or
> Called-Station-Id´s and in that way being able to do a segmentation on
> SSID or WLAN.

You can use it for that. In your last post you were asking if the user
that doesn't match any group will be rejected. That won't happen. User
will still get authenticated (using data from radcheck) and since he will
have no VLAN information in the reply NAS will most likely place him in a
default VLAN.

> What I need is a GUI where you can search for a specific group and add a
> new user or edit a user in that group.
> I really dont want to see a list of all the users there is and then have
> to search through 200 users to find the one i wish to edit.
> So is it possible with dialupadmin to add a user and link that user to a
> group so you can only list that groups users?
> Also is it possible in anyway to make group specific attributes so I wont
> have to add SSID restrictions on user level?
>
> I have seen in the source of Freeradius that dialup admin comes with it.
> I´ve started to think about testing it.
> So do I need to build dialupadmin in the same way I did with OpenSSL and
> FreeRadius or did it get installed at the same time as I installed
> Freeradius?
> Also is there anywhere I can read about how to link dialup admin to MySQL
> etc.?

Start with README file in dialup_admin directory and:

http://freeradius.org/dialupadmin.html

That should answer most of your questions.

Ivan Kalik




More information about the Freeradius-Users mailing list