freeradius proxy question

freeradius at freeradius at
Thu Aug 25 05:06:03 CEST 2005

>> freeradius at wrote:
>>> Greetings.  I am using freeradius and want to do the following:
>>> 1.  proxy authentication to a secondary server for two-factor
>>> authentication
>>> 2.  if the user is authenticated via the home server, add attributes
>>> via
>>> definitions from the local freeradius server from a sql database
>>   See postauth_query.
>>   Alan DeKok.
> From what I can tell, that only enters
> accounting data into the database.  is there something I am missing?
> The other thing I don't get:  I ran radiusd in debug mode, and saw the
> following line:
>  FROM radgroupreply,usergroup WHERE usergroup.Username = 'xxxxx' AND
> usergroup.GroupName = radgroupreply.GroupName ORDER BY
> This query select the attributes that I want to have sent back.  However,
> the reply detail logs show that the attributes are not sent.
> The only thing I can think of is that the user I am testing with is a
> memmber of several groups and only one of them has attributes to return at
> the moment.
> Thanks
Since no one ever got back to me on this, I assume either a. i pissed off
the folks that monitor this list b. no one has the answer or c. i missed
the obvious and no one wanted to point it out.

The solution I came up with was to set
         post_proxy_authorize = yes

freeradius now passes back the attributes in the sql database.  Still
would like to konw how to make this work with postauth_query, but I can't
seem fin d any indications of how to do that..... input would be

respectfully submitted.....

More information about the Freeradius-Users mailing list