SQL Huntgroup only work with user check, not group check
George Koulyabin
jumbo at vinf.ru
Fri Sep 4 10:24:12 CEST 2009
On Thu, Sep 03, 2009 at 07:36:31AM -0300, Carlos Eduardo Tavares Terra wrote:
> On Thu, Sep 3, 2009 at 6:30 AM, George Koulyabin<jumbo at vinf.ru> wrote:
> >
> I wrote the rules for huntgroup here because the rules in groupcheck
> didn't work. If I take this out, just keeping the groupcheck, 'jack'
> will connect from any hardware. The groupcheck is ignoring the
> huntgroups.
You must to use huntgroups for consolidation of Your hardware by identical properties. For examle, You
can create huntgroup for wireless hardware and huntgroup for access-servers.
Groups, sql-groups (radusergroup/radgroupcheck/radgroupreply) are intended for consolidation of users.
In Your 'sql-rules' You wrote: "User has 'wireless' sql-group membership. But user has this membership when he'll
connected from the hardware (member of 'wireless' huntgroup)."
See FreeRADIUS documentation, file rlm_sql.
More information about the Freeradius-Users
mailing list