On Dec 18, 2015, at 12:31 PM, Joel Bergmark <joel.bergmark@t3.se> wrote:
Thank you for the help! Indeed this looks more simplistic and nice! :)
Everything is in the SQL, necessary since using daloradius as fronted.
OK.
Just a follow up on: if ((Huntgroup-Name == "2ndline") && (SQL-Group != "2ndline")) { reject } How to determine the 'SQL-Group' in a simple way? Tried it as is to see how it behaved, and got:
What's "how to determine"? As I said, you put the user / group into SQL. The SQL module has documentation for how this is done.
+- entering group authorize {...} sql_xlat expand: %{User-Name} -> bl sql_set_user escaped user --> 'bl' expand: SELECT groupname FROM radhuntgroup WHERE nasipaddress='%{NAS-IP-Address}' -> SELECT groupname FROM radhuntgroup WHERE nasipaddress='46.23X.XX.170' rlm_sql (sql): Reserving sql socket id: 3 sql_xlat finished rlm_sql (sql): Released sql socket id: 3 expand: %{sql:SELECT groupname FROM radhuntgroup WHERE nasipaddress='%{NAS-IP-Address}'} -> 3rdline
That's pretty clear.
++[request] returns not found ++? if ((Huntgroup-Name == "2ndline") && (SQL-Group != "2ndline")) ?? Evaluating (Huntgroup-Name == "2ndline") -> FALSE
Because it's '3rdline'
?? Skipping (SQL-Group != "2ndline") ++? if ((Huntgroup-Name == "2ndline") && (SQL-Group != "2ndline")) -> FALSE ++[chap] returns noop
And it's not checking SQL-Group. Because the Huntgroup-Name doesn't match. Reading the debug output helps. Alan DeKok.