Adam Wien wrote:
Here's my database setup.
Please read doc/rlm_sql.
mysql> select * from radcheck where username='adam@cpanel.net'; +------+-----------------+--------------------+----+----------+ | id | username | attribute | op | value | +------+-----------------+--------------------+----+----------+ | 1072 | adam@cpanel.net | Cleartext-Password | := | BLANK | +------+-----------------+--------------------+----+----------+
Defines a password...
mysql> select * from radgroupcheck; +------+-----------+-------------------+----+-------+ | id | groupname | attribute | op | value | +------+-----------+-------------------+----+-------+ | 1072 | Sysadmin | Airespace-Wlan-Id | == | 9 | +------+-----------+-------------------+----+-------+
Says "group sysadmin checks if the airespace attribute matches"
mysql> select * from radusergroup; +-----------------+-----------+----------+ | username | groupname | priority | +-----------------+-----------+----------+ | adam@cpanel.net | Sysadmin | 1 | +-----------------+-----------+----------+
Says "user adam... is in group sysadmin". Where did you configure it do *do* something, like reject the user? This configuration does *not* deny users access by matching Airespace-Wlan-Id. That should be clear: there is no "deny" rule! Alan DeKok.