Upgrade From 1 to 2 - problem with authorize
Bjørn Mork
bjorn at mork.no
Fri Nov 6 14:16:58 CET 2009
Robert White <rwhite at globalgossip.net> writes:
> What's the difference?
>
> Tbh, I don't even understand the what group queries are. Documentation
> seems to be kind of lacking. Not your fault I know, but I don't want you to
> think I haven't tried finding this out for myself!
>
> I've attached my sql.conf and dialup.conf files.
I believe you need a group_membership_query as well in 2.x, although I
do notice that the mssql/dialup.conf example doesn't have one. That
must be an error. Feel free to fix it if you get this working.
rlm_sql_process_groups() will process the group list returned by
sql_get_grouplist() and that won't be any unless you configure a
group_membership_query:
group_list_tmp = *group_list = NULL;
if (!inst->config->groupmemb_query ||
(inst->config->groupmemb_query[0] == 0))
return 0;
The other dialup.conf examples will tell you how it is supposed to look.
It is a very simple query, so I assume you can convert this to mssql
easily:
group_membership_query = "SELECT groupname \
FROM ${usergroup_table} \
WHERE username = '%{SQL-User-Name}' \
ORDER BY priority"
Bjørn
More information about the Freeradius-Users
mailing list