Rejecting auth requests
Tim O'Donovan
tim at icukhosting.co.uk
Sat Oct 15 12:25:50 CEST 2005
Hi,
But wouldn't that require using the users file instead of MySQL? Can the
radcheck table be used in the same way? What I mean is, can a user have
multiple entries within the table? At the moment we just have a single
entry for each user:
+----+-----------------------------------+-----------+----+-----------+
| id | UserName | Attribute | op | Value |
+----+-----------------------------------+-----------+----+-----------+
| 1 | tim at realm | Password | == | test |
+----+-----------------------------------+-----------+----+-----------+
But would this accomplish the same as using the users file:
+----+-----------------------------------+-----------+----+-----------+
| id | UserName | Attribute | op | Value |
+----+-----------------------------------+-----------+----+-----------+
| 1 | tim at realm | Password | == | test |
| 2 | tim at realm | Auth-Type | := | Reject |
+----+-----------------------------------+-----------+----+-----------+
I'm not going to be able to actually try this for myself until Monday,
but any advice in advance would be greatly appreciated.
Kind regards,
Tim O'Donovan
Joe Maimon wrote:
>
>
> Tim O'Donovan wrote:
>
>> Hi,
>>
>> Does anyone know of a simple way to invoke an Access-Reject for a
>> user at the authenticate stage? Without changing the stored password.
>> I have tried altering the 'op' to != and all manner of other
>> combinations from within the rad_check table without success.
>>
>> We would just like to be able to ban/unban a user with a single SQL
>> update statement.
>>
>>
> in the users file, setting a check item like this
>
> user Auth-Type := "Reject"
>
> Seems to do the job.
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list