SQL Huntgroup only work with user check, not group check
George Koulyabin
jumbo at vinf.ru
Thu Sep 3 11:30:54 CEST 2009
On Tue, Sep 01, 2009 at 09:49:20PM -0300, Carlos Eduardo Tavares Terra wrote:
> +----+-----------+--------------+-----------+
> | id | groupname | nasipaddress | nasportid |
> +----+-----------+--------------+-----------+
> | 5 | wireless | 192.168.2.5 | NULL |
> | 4 | adsl | 192.168.2.6 | NULL |
> +----+-----------+--------------+-----------+
You described the huntgroups for Your hardware.
> +----------+-----------+----------+----+
> | username | groupname | priority | id |
> +----------+-----------+----------+----+
> | jack | wireless | 1 | 1 |
> +----------+-----------+----------+----+
User jack had got the 'wireless' membership.
> +----+----------+--------------------+----+----------+
> | id | username | attribute | op | value |
> +----+----------+--------------------+----+----------+
> | 5 | jack | Huntgroup-Name | == | wireless |
> | 4 | jack | Cleartext-Password | := | foo |
> +----+----------+--------------------+----+----------+
You wrote rules for authorization/athentication of jack: Jack grants access from hardware of 'wireless' huntgroup with 'foo' password.
> mysql> select * from radgroupcheck;
> +----+-----------+----------------+----+----------+
> | id | groupname | attribute | op | value |
> +----+-----------+----------------+----+----------+
> | 8 | wireless | Huntgroup-Name | == | wireless |
> +----+-----------+----------------+----+----------+
But there is You wrote that You want to authorize the 'wireless' memebership for jack.
More information about the Freeradius-Users
mailing list