SUSPENSION OF ACCOUNT

Mark Elkins mje at posix.co.za
Wed Oct 26 09:26:07 CEST 2005


On Tue, 2005-10-25 at 09:47 +0100, maruna wrote:

> I use FreeRadius v 1.0.5 with postgresql 7.3.4 on redhat Linux ES3 and
> its been working well. However, I want to create accounts where these
> accounts will be suspended after let say a month and this suspension
> continue until the account is renewed manually. 

I use MySQL as my backend...

My MySQL "Useracct" table contains fields like...

userid username password dateadded ip status realm expiredate 
(and others..)

This is all managed by Web and PHP (and some shell scripts)

Rather than create all the normal table names, I modified my SQL
commands...
ie
authorize_check_query = "SELECT userid as id,UserName,'Password' as
Attribute,password as Value,'==' as op FROM useracct WHERE
Username='%{Stripped-User-Name}' AND realm='%{Realm}' AND status>2 AND
expiredate>now() ORDER BY id"

authorize_reply_query = "SELECT userid as
id,UserName,'Framed-IP-Address' as Attribute,ip as Value,':=' as op 
FROM useracct WHERE Username='%{Stripped-User-Name}' AND
realm='%{Realm}' AND status>2 AND ip != '255.255.255.254' AND
expiredate>now() ORDER BY id"

ie - this should not authenticate if the user has a status of less than
two (Deleted, Suspended) or his expire day has been reached (ie - I gave
him a 30 day test account).

This is for a typical Dial-up type situation - where the user will not
stay on-line continuously for days on end... 

Also authorize_group_check_query, authorize_group_reply_query (and
others) are also somewhat customised.
-- 
  .  .     ___. .__      Posix Systems - Sth Africa.  e.164 VOIP ready
 /| /|       / /__       mje at posix.co.za  -  Mark J Elkins, Cisco CCIE
/ |/ |ARK \_/ /__ LKINS  Tel: +27 12 807 0590  Cell: +27 82 601 0496




More information about the Freeradius-Users mailing list