user auth against mysql
richard lucassen
mailinglists at lucassen.org
Tue Aug 8 22:55:24 CEST 2006
On Tue, 08 Aug 2006 16:10:18 -0400
"Alan DeKok" <aland at deployingradius.com> wrote:
> richard lucassen <mailinglists at lucassen.org>wrote:
> > I do NOT administrate this MySQL database and I have just
> > 'databasename + username field + password field' and I just have
> > access to this db to authenticate. Nothing more than that.
>
> I'm not sure what you mean by "access to this DB to authenticate".
Sorry, I have privileges to read the UserName and the (encrypted)
Password field.
> > 1) the sql.conf file is filled up with things I do not need, because
> > the MySQL db has no structure that corresponds to the sql.conf file.
> > Can I simply uncomment all lines I do not need?
>
> The schema FreeRADIUS uses is pretty much hard-coded into the SQL
> module, sorry. So it can't easily be used with another schema.
Ok, so AFAIUI it would be better to dump the original db to a file and
populate a server which is set up according to the freeradius schema. If
possible of course (but that's a MySQL issue and beyond the scope of
this list of course)
> > 2) in the accounting and authorize part of radiusd.conf there is an
> > entry "sql", but not in "authenticate" as where I'd expect such an
> > entry. Why is that?
>
> Does your SQL DB perform 802.1X authentication? MS-CHAP? CHAP?
> HTTP digest authentication?
>
> I thought not. SQL DB's are data stores, not authentication
> servers. FreeRADIUS is an authentication server, not a data store.
Ok, that's clear. Thnx.
R.
--
___________________________________________________________________
It is better to remain silent and be thought a fool, than to speak
aloud and remove all doubt.
+------------------------------------------------------------------+
| Richard Lucassen, Utrecht |
| Public key and email address: |
| http://www.lucassen.org/mail-pubkey.html |
+------------------------------------------------------------------+
More information about the Freeradius-Users
mailing list