multi ssid use multi radcheck

gh.li at microshield.com.cn gh.li at microshield.com.cn
Thu Mar 23 06:34:57 CET 2017


hi,
    I think I must thanks for FR project @Alan DeKok and @others.it is a great and prefect job.

    I hava two ssid,SSID-TMP for temporary user and the SSID-EMP for employee-user,they both use the realm_sql for auth.
   the data in radcheck as follows:
    
    

  
  current,in raddb/sq/mysql/dialup.conf,
    authorize_check_query = "SELECT id, username, attribute, value, op FROM ${authcheck_table} WHERE username = '%{SQL-User-Name}'   ORDER BY id" 
 
 so when a temporary user tmp_user connect SSID-EMP(for employee),he also get the correct password for connecting the SSID-EMP.that should be disabled.
 
 the problem is:how can I map the user to the correct record?

I have extented radcheck tables with field user_ssid,so the records like:

and change the authorize_check_query  statement to:
"SELECT id, username, attribute, value, op FROM ${authcheck_table} WHERE username = '%{SQL-User-Name}'  and  ssid='%{Aruba_Essid_Name}'  ORDER BY id" 

but I donot get the correct sql statement:
SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'emp'  and  ssid=''  ORDER BY id

another approach:
I define another virtual server,but they use the same sql realm,and use the same sql_query statement,

How can I achieve the resule what I want?

 I am confused about this,thanks for any suggestion or advise,

apologize for my english,



gh.li
tel:+8613910260406
email:gh.li at microshield.com.cn


More information about the Freeradius-Users mailing list