If you want to use rlm_sql you do this with the tables radius.usergroup and radius.radgroupcheck. In radius.radgroupcheck you'd have something like this: +----+---------------+-----------+----+--------+ | id | GroupName | Attribute | op | Value | +----+---------------+-----------+----+--------+ | 1 | RASUser | Auth-Type | := | system | Then in radius.usergroup for each user you want in this group you'll have a row like this: +--------+----------+---------------+ | id | UserName | GroupName | +--------+----------+---------------+ | 39747 | thisuser | RASUser | That pasted rather ugly, but I think you should get the point. Using sql eliminates the need for the users file to be able to do what you asked about. Let me know if this doesn't answer your question. Chris Carver Pennswoods.Net Network Engineer Michael Schwartzkopff wrote:
Hi,
I want to authorize users according to the membership in a group. With Auth-Type=System it is easy:
DEFAULT Auth-Type = System, Group == "RASUser"
Is there any analogy to this setup in the sql module? Thanks for any help, I am quite desparate already ...
------------------------------------------------------------------------
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html