FreeRADIUS, MySQL and usergroups again
Christopher Carver
ccarver at pennswoods.net
Thu May 11 17:38:39 CEST 2006
If you want to use rlm_sql you do this with the tables radius.usergroup
and radius.radgroupcheck. In radius.radgroupcheck you'd have something
like this:
+----+---------------+-----------+----+--------+
| id | GroupName | Attribute | op | Value |
+----+---------------+-----------+----+--------+
| 1 | RASUser | Auth-Type | := | system |
Then in radius.usergroup for each user you want in this group you'll
have a row like this:
+--------+----------+---------------+
| id | UserName | GroupName |
+--------+----------+---------------+
| 39747 | thisuser | RASUser |
That pasted rather ugly, but I think you should get the point. Using
sql eliminates the need for the users file to be able to do what you
asked about. Let me know if this doesn't answer your question.
Chris Carver
Pennswoods.Net
Network Engineer
Michael Schwartzkopff wrote:
> Hi,
>
> I want to authorize users according to the membership in a group. With
> Auth-Type=System it is easy:
>
> DEFAULT Auth-Type = System, Group == "RASUser"
>
> Is there any analogy to this setup in the sql module? Thanks for any help, I
> am quite desparate already ...
>
>
> ------------------------------------------------------------------------
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list