Am Donnerstag, 11. Mai 2006 17:38 schrieb Christopher Carver:
If you want to use rlm_sql you do this with the tables radius.usergroup and radius.radgroupcheck. In radius.radgroupcheck you'd have something like this:
+----+---------------+-----------+----+--------+
| id | GroupName | Attribute | op | Value |
+----+---------------+-----------+----+--------+
| 1 | RASUser | Auth-Type | := | system |
Then in radius.usergroup for each user you want in this group you'll have a row like this:
+--------+----------+---------------+
| id | UserName | GroupName |
+--------+----------+---------------+
| 39747 | thisuser | RASUser |
That pasted rather ugly, but I think you should get the point. Using sql eliminates the need for the users file to be able to do what you asked about. Let me know if this doesn't answer your question.
Chris Carver
Thanks for your answer. But I think this is not quite what I was looking for. I want to administer the passwords in MySQL, not in the system, so I need Auth-Type := Local. And this authenticates every user that is in the database, not only these in the specific group. I solved it adding DEFAULT Group !="RASUser", Auth-Type := Reject in my files. -- Dr. Michael Schwartzkopff MultiNET Services GmbH Bretonischer Ring 7 85630 Grasbrunn Tel: (+49 89) 456 911 - 0 Fax: (+49 89) 456 911 - 21 mob: (+49 174) 343 28 75 PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B Skype: misch42