Upgrade From 1 to 2 - problem with authorize

Bjørn Mork bjorn at mork.no
Fri Nov 6 14:16:58 CET 2009


Robert White <rwhite at globalgossip.net> writes:

> What's the difference?
>
> Tbh, I don't even understand the what group queries are.  Documentation
> seems to be kind of lacking.  Not your fault I know, but I don't want you to
> think I haven't tried finding this out for myself!
>
> I've attached my sql.conf and dialup.conf files.

I believe you need a group_membership_query as well in 2.x, although I
do notice that the mssql/dialup.conf example doesn't have one.  That
must be an error.  Feel free to fix it if you get this working.

rlm_sql_process_groups() will process the group list returned by
sql_get_grouplist() and that won't be any unless you configure a 
group_membership_query:

        group_list_tmp = *group_list = NULL;

        if (!inst->config->groupmemb_query ||
            (inst->config->groupmemb_query[0] == 0))
                return 0;


The other dialup.conf examples will tell you how it is supposed to look.
It is a very simple query, so I assume you can convert this to mssql
easily:

        group_membership_query = "SELECT groupname \
          FROM ${usergroup_table} \
          WHERE username = '%{SQL-User-Name}' \
          ORDER BY priority"



Bjørn




More information about the Freeradius-Users mailing list