SQL and Huntgroups
Fajar A. Nugraha
list at fajar.net
Tue Apr 30 00:35:43 CEST 2013
On Tue, Apr 30, 2013 at 4:31 AM, Grégoire Leroy
<gregoire.leroy at retenodus.net> wrote:
> Maybe I was not clear enough above.
>
> What I want is :
> 1) Set the password for the user
> 2) Authentication of the user
> 3) X is always added to the reply if the user is authenticated
> 4) Moreover, Y is added to the reply for NAS, still if the user is authenticated
>
> I use radreply for X, the issue here is step 4. The how-to on the wiki about huntgroups and SQL
> recommends to use unlang in the authorize section. So, I update the request to assign the Huntgroup-
> Name attribute, and use unlang to add the Y configuration (user dependent) if the huntgroupname is
> "one_huntgroup_name".
That's not what the wiki said. Well, you can do that, but it doesn't
say that you can ONLY do that. You can do other stuff as well.
http://wiki.freeradius.org/guide/SQL-Huntgroup-HOWTO#More-examples
It pretty much said that:
- you need to add an entry to radgroupcheck, so that when
Huntgroup-Name matches a value (site_a), an SQL group (site_a_admins)
will be assigned
- you add entries to radgroupreply to return
whatever-attribute-value-pairs-you-want for site_a_admins group.
> That's why I maintain a seperate table, for Y configuration, and I would like to be able to
> dynamically update my request with the attributes,op,values of the user.
>
> Is it possible ?
Read the wiki.
--
Fajar
More information about the Freeradius-Users
mailing list