Dear Alan, thanks for your response....just two things for the moment:
You may need to install v3. Honestly, just install 3.0.15, and go with that.
Ok, but can I use my current server with version 2.2.5 in order to test the SQL authorization or the use of version 3.x is mandatory ???
You will need to edit raddb/sites-enabled/default, and also the raddb/mods-enabled/sql
Now I have edited default and inner-tunnel files, but you tell me to edit just default (and also sql module)...inner-tunel is not necessary??? Really thanks, regards! ADAM 2017-09-01 10:23 GMT-03:00 Alan DeKok <aland@deployingradius.com>:
On Sep 1, 2017, at 8:58 AM, Adam Cage <adamcage27@gmail.com> wrote:
Dear, thank you, LDAP authorization works OK now. Using outer.request was the solution!!!
That's good.
At the moment I have this scenario:
AD authentication --> OK LDAP group and SSID authorization --> OK
Is it possible to add and SQL authorization in order to query a remote MySQL DB searching for MAC Addresses defined in a whitelist table ???
Sure. Just add an SQL query to the configuration:
if ("%{sql:SELECT ... }") { ... }
Run the SELECT manually. Use Calling-Station-ID for the MAC address, or if that attribute has the SSID in it, add "rewrite_called_station_id" in the "authorize" section, before the SQL SELECT.
If the MAC Address is in the table, and the group and SSID are OK with the LDAP authorization section, finally the user can access the WiFi network.
In the affirmative case, do I have to install a new freeradius package?
You will need to be sure that rlm_sql is installed.
You may need to install v3. Honestly, just install 3.0.15, and go with that.
And which extra files do I have to edit ?
You will need to edit raddb/sites-enabled/default, and also the raddb/mods-enabled/sql
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/ list/users.html