Turn of user acc - MySQL

Marinko Tarlac mangia81 at gmail.com
Wed Oct 31 09:25:34 CET 2007


Subject: Re: Turn of user acc - MySQL
>
> Deleting user from the database - bad idea. You do want him back?

I have users inside another table (name, address, id etc..) and only
those who need access I transfer to radcheck table. So if I remove
them from radcheck, I can easily turn  them back.

>
> Auth-Type Reject is a check item so it would go into rad(group)check
> table.  It's better to create a group for suspended users and swithch
> user to it than to add the attribute to each user.
>
> Think about using sqlcounters and/or Epiration attribute.

Good ideas so I will think about it...

Best regards

>
> Ivan Kalik
> Kalik Informatika ISP
>
>
> Dana 30/10/2007, "Marinko Tarlac" <mangia81 at gmail.com> pi?e:
>
> >Hello
> >
> >I made small web based application and it uses MySql database. I can
> >add user accounts, create packages, add access points etc and now I
> >need to create script for user control.
> >
> >Question is next. Is it better to remove the username from radcheck
> >table or it is better option to add access-reject atribute for
> >specific user in radreply table. Is there any better solution. Also
> >I'm thinking to create small perl script which I can call during auth
> >process.
> >
> >I'm not sure did you understand me :)
> >-
> >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> >
> >
>
>
>
> ------------------------------
>
> Message: 7
> Date: Wed, 31 Oct 2007 11:53:23 +1000 (EST)
> From: David Hobley <david.hobley at mionegroup.com>
> Subject: Re: Configure authentication via LDAP Group membership issue
>         [sec=unclassified]
> To: FreeRadius users mailing list
>         <freeradius-users at lists.freeradius.org>
> Message-ID: <3661210.62301193795603796.JavaMail.root at mail.onegrp.com>
> Content-Type: text/plain; charset="utf-8"
>
> Frank,
>
> Thank you - greatly appreciated. This made me realise that my thinking was foggy when I had defined group memberships. All working now.
>
> Cheers,
> David
> ----- Original Message -----
> From: "Frank MR Ranner" <Frank.Ranner at defence.gov.au>
> To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
> Sent: Wednesday, 31 October 2007 10:20:36 AM (GMT+1000) Australia/Brisbane
> Subject: RE: Configure authentication via LDAP Group membership issue [sec=unclassified]
>
> ...
> _______________________________
>
> The memberUid attribute in a posixgroup is supposed to hold the uid, not
> the uidNumber. That would make your groupmembership_filter =
> "(memberUid=%{User-Name})" or more robustly,
> groupmembership_filter =
> "(&(memberUid=%{Stripped-User-Name:-%{User-Name}})(objectClass=posixGrou
> p))"
>
> Regards,
> Frank Ranner
>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20071031/258fde31/attachment.html>
>
> ------------------------------
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
> End of Freeradius-Users Digest, Vol 30, Issue 117
> *************************************************
>



More information about the Freeradius-Users mailing list