Hi, thanks for the help, So I added in policy.conf this check_validity { update control { Current-Time := "%l" } if (Date > control:Current-Time) { update reply { Reply-Message := "account not yet active" } reject } } I created the attribute date, but when i tried to logon, i receive reject response This is freeradius -XXX rad_recv: Access-Request packet from host 127.0.0.1 port 36099, id=237, length=277 ChilliSpot-Version = "1.3.0" User-Name = "day2" User-Password = "day2" Service-Type = Login-User Acct-Session-Id = "55680ead00000005" Framed-IP-Address = 10.10.4.200 NAS-Port-Type = Wireless-802.11 NAS-Port = 5 NAS-Port-Id = "00000005" Calling-Station-Id = "00-1B-77-16-34-1A" Called-Station-Id = "00-50-56-B2-BF-8D" NAS-IP-Address = 10.10.4.254 NAS-Identifier = "vlan4" WISPr-Location-ID = "isocc=,cc=,ac=,network=Coova,Vlan4_ssid" WISPr-Location-Name = "Vlan_4" WISPr-Logoff-URL = "http://10.10.4.254:3990/logoff" Message-Authenticator = 0x844feffa98bf807597e7e264e9d3b4c4 Fri May 29 10:23:34 2015 : Info: # Executing section authorize from file /etc/freeradius/sites-enabled/default Fri May 29 10:23:34 2015 : Info: +- entering group authorize {...} Fri May 29 10:23:34 2015 : Info: ++? if (!NAS-IP-Address) Fri May 29 10:23:34 2015 : Info: ? Evaluating !(NAS-IP-Address) -> FALSE Fri May 29 10:23:34 2015 : Info: ++? if (!NAS-IP-Address) -> FALSE Fri May 29 10:23:34 2015 : Info: ++- entering policy check_validity {...} Fri May 29 10:23:34 2015 : Debug: WARNING: You are modifying the value of virtual attribute Current-Time. This is not supported. Fri May 29 10:23:34 2015 : Info: expand: %l -> 1432887814 Fri May 29 10:23:34 2015 : Info: +++[control] returns notfound Fri May 29 10:23:34 2015 : Info: +++? if (Date > control:Current-Time) Fri May 29 10:23:34 2015 : Info: (Attribute Date was not found) Fri May 29 10:23:34 2015 : Info: ? Evaluating (Date > control:Current-Time) -> FALSE Fri May 29 10:23:34 2015 : Info: +++? if (Date > control:Current-Time) -> FALSE Fri May 29 10:23:34 2015 : Info: ++- policy check_validity returns notfound Fri May 29 10:23:34 2015 : Info: ++[preprocess] returns ok Fri May 29 10:23:34 2015 : Info: ++[chap] returns noop Fri May 29 10:23:34 2015 : Info: ++[mschap] returns noop Fri May 29 10:23:34 2015 : Info: ++[digest] returns noop Fri May 29 10:23:34 2015 : Info: [suffix] No '@' in User-Name = "day2", looking up realm NULL Fri May 29 10:23:34 2015 : Info: [suffix] No such realm "NULL" Fri May 29 10:23:34 2015 : Info: ++[suffix] returns noop Fri May 29 10:23:34 2015 : Info: [eap] No EAP-Message, not doing EAP Fri May 29 10:23:34 2015 : Info: ++[eap] returns noop Fri May 29 10:23:34 2015 : Info: [sql] expand: %{User-Name} -> day2 Fri May 29 10:23:34 2015 : Info: [sql] sql_set_user escaped user --> 'day2' Fri May 29 10:23:34 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 3 Fri May 29 10:23:34 2015 : Info: [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'day2' ORDER BY id Fri May 29 10:23:34 2015 : Info: [sql] expand: SELECT groupname FROM usergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM usergroup WHERE username = 'day2' ORDER BY priority Fri May 29 10:23:34 2015 : Info: [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = 'vlan_4' ORDER BY id Fri May 29 10:23:34 2015 : Debug: rlm_sql (sql): Released sql socket id: 3 Fri May 29 10:23:34 2015 : Info: [sql] User day2 not found Fri May 29 10:23:34 2015 : Info: ++[sql] returns notfound Fri May 29 10:23:34 2015 : Debug: rlm_sqlcounter: Entering module authorize code Fri May 29 10:23:34 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair Fri May 29 10:23:34 2015 : Info: ++[chillispot_max_bytes] returns noop Fri May 29 10:23:34 2015 : Debug: rlm_sqlcounter: Entering module authorize code Fri May 29 10:23:34 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair Fri May 29 10:23:34 2015 : Info: ++[noresetcounter] returns noop Fri May 29 10:23:34 2015 : Debug: rlm_sqlcounter: Entering module authorize code Fri May 29 10:23:34 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair Fri May 29 10:23:34 2015 : Info: ++[dailycounter] returns noop Fri May 29 10:23:34 2015 : Info: ++[expiration] returns noop Fri May 29 10:23:34 2015 : Info: ++[logintime] returns noop Fri May 29 10:23:34 2015 : Info: [pap] WARNING! No "known good" password found for the user. Authentication may fail because of this. Fri May 29 10:23:34 2015 : Info: ++[pap] returns noop Fri May 29 10:23:34 2015 : Info: ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user Fri May 29 10:23:34 2015 : Info: Failed to authenticate the user. Fri May 29 10:23:34 2015 : Info: Using Post-Auth-Type Reject Fri May 29 10:23:34 2015 : Info: # Executing group from file /etc/freeradius/sites-enabled/default Fri May 29 10:23:34 2015 : Info: +- entering group REJECT {...} Fri May 29 10:23:34 2015 : Info: [sql] expand: %{User-Name} -> day2 Fri May 29 10:23:34 2015 : Info: [sql] sql_set_user escaped user --> 'day2' Fri May 29 10:23:34 2015 : Info: [sql] expand: %{User-Password} -> day2 Fri May 29 10:23:34 2015 : Info: [sql] expand: INSERT INTO radpostauth (user, pass, reply, date) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (user, pass, reply, date) VALUES ( 'day2', 'day2', 'Access-Reject', '2015-05-29 10:23:34') Fri May 29 10:23:34 2015 : Debug: rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (user, pass, reply, date) VALUES ( 'day2', 'day2', 'Access-Reject', '2015-05-29 10:23:34') Fri May 29 10:23:34 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 2 Fri May 29 10:23:34 2015 : Debug: rlm_sql (sql): Released sql socket id: 2 Fri May 29 10:23:34 2015 : Info: ++[sql] returns ok Fri May 29 10:23:34 2015 : Info: [attr_filter.access_reject] expand: %{User-Name} -> day2 Fri May 29 10:23:34 2015 : Debug: attr_filter: Matched entry DEFAULT at line 11 Fri May 29 10:23:34 2015 : Info: ++[attr_filter.access_reject] returns updated Fri May 29 10:23:34 2015 : Info: Delaying reject of request 0 for 1 seconds Fri May 29 10:23:34 2015 : Debug: Going to the next request ----- Mail original ----- De: "Alan DeKok" <aland@deployingradius.com> À: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org> Envoyé: Jeudi 28 Mai 2015 16:56:21 Objet: Re: acct-session-start attribute ? On May 28, 2015, at 10:51 AM, Jeremy Ravel <Jeremy.Ravel@etu.univ-savoie.fr> wrote:
Hi guys, I am beginner in FR. I want to be able to delay the activation of the login. For example i can create an user monday, but i just want allow him to connect only from friday to logon on my network. I tried to use the attribute acct-session-start on the user, but when i use it one user, the user can never log.
There is no Acct-Session-Start attribute. Delete it from your SQL database. What you want is the Current-Time attribute: http://wiki.freeradius.org/config/Users Check that the Current-Time is smaller than a particular date. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html