Mulitple sql groups or User in Multiple groups

Stavros Patiniotis stavros at staff.esc.net.au
Fri Dec 8 06:22:18 CET 2006


Hi again,

I just want to clarify my previous email.

What I want is to authenticate one user who is in multiple groups. I am
assuming that the group binding is occurring as a result of the check items,
but this is where it appears to fail. In fact two separate problems are
occurring with point 5 from http://wiki.freeradius.org/Rlm_sql

1. Incorrect radgroupreply items are being returned, dependant on database
row order. I have found that the first group returned from usergroup is used
for the reply, even if that group doesn't match the check items in
radgroupcheck.

2. The user cannot authenticate at all when trying the second or subsequent
groups (as returned from usergroup).

For clarity I am trying to achieve the SQL equivalent of the lines below,
however as we are doing chap I need to have the usernames and passwords
stored in the database (radcheck). 

DEFAULT Auth-Type := Local, NAS-IP-Address == "10.0.0.1"
Exec-Program-Wait = "/program for nas1"

DEFAULT Auth-Type := Local, NAS-IP-Address == "10.0.0.2"
Exec-Program-Wait = "/program for nas2"

Is what I am trying to do possible, or is the server code need attention?

PS; What happened to the new website?

Cheers, 
 
Stavros
EscapeNet




More information about the Freeradius-Users mailing list