expired user accounts between two dates

Thibault Le Meur Thibault.LeMeur at supelec.fr
Thu May 27 11:29:35 CEST 2010


Le 27/05/2010 10:46, Marco Jaraiz a écrit :
> hello,
>
> i want to use expiration module to validate user account, but i need check
> the expirtation between two dates, init and finish date.
> somebody help me.
>    

As you already may know the expiration module only works for expiration 
date.

When I had this need (a long time ago and with FR1) I just did the 
following:

* I added a new personnal/local attribute in /etc./raddb/dictionnary
ATTRIBUTE       My-Local-Date   3000    string
* setup the "hint" module to add the Date for incomming requests:
DEFAULT NAS-IP-ADDRESS == 192.168.1.4
         My-Local-Date = `%D`

* Then I use the local attribute to check the date (for instance if you 
use the rlm_sql module):
mysql> select UserName,Attribute,op,Value from radcheck where 
UserName='myloginname';
+-----------------+--------------------+----+--------------------+
| UserName        | Attribute          | op | Value              |
+-----------------+--------------------+----+--------------------+
| myloginname     | NAS-IP-Address     | =~ | 192.168.1.[4]{1}   |
| myloginname     | My-Local-Date      | <= | 20090731           |
| myloginname     | My-Local-Date      | >= | 20090526           |
| myloginname     | Login-Time         | := | Wk0700-2200        |
| myloginname     | Cleartext-Password | := | THEPASS            |
+-----------------+--------------------+----+--------------------+
5 rows in set (0.00 sec)


However, I think that FR now "tags" incoming access-request with an 
internal "Date-like" attribute (i don't know the attribute name) so it 
should be easy to add a test on this specific attribute.
The test could use unlang instead of "users" or "rlm_sql" check attributes.

Hope this helps,
Thibault




More information about the Freeradius-Users mailing list