MySQL: Group membership test
Bogdan Dumitriu - Technical Support Team
helpdesk22 at mycybernet.net
Thu May 11 16:23:30 CEST 2006
You can create a group "deactivated" for the users you don't want to
allow to connect and set Auth-Type == Reject for that group.
If you want to tie a group to a certain NAS you have to use huntgroups:
TestNAS1 NAS-IP-Address == xxx.xxx.xxx.xxx
SQL-Group == dialup,
SQL-Group == adsl
It means that is the user is coming from this NAS it has to be a member
of those groups. Otherwise auth fail.
Is this what you are looking for?
At least this is my set up. If you find a better way please let me know.
freeradius-users-bounces+helpdesk22=mycybernet.net at lists.freeradius.org
[mailto:freeradius-users-bounces+helpdesk22=mycybernet.net at lists.freerad
ius.org] On Behalf Of Michael Schwartzkopff
Sent: May 11, 2006 4:22 AM
To: freeradius-users at lists.freeradius.org
Subject: MySQL: Group membership test
As a backend database to RADIUS I use MySQL. No I have a special
I want to autorize a user for a specific service only if the user is
a specific group, say "RAS_User". This configuration is nescessary
this database is used also for other authentication/autorization.
The documentation says, that the authcheck_table is beeing searched for
user and the reply items in the authrepl_table are returned for the
did not find any hint how to configure my freeradius that way, that the
is autorized to use the service only if he is member of a specific
groupcheck is only adds further attributes.
In the ldap module f.i. I can use the "groupmembership_filter".
Is there anything similar in the sql module? How can I configure
the sql module to test the group membership?
Thanks for any help.
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Bretonischer Ring 7
Tel: (+49 89) 456 911 - 0
Fax: (+49 89) 456 911 - 21
mob: (+49 174) 343 28 75
PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B
More information about the Freeradius-Users