Matching Airespace-Wlan-Id in users files or radgroupcheck database
Alan DeKok
aland at deployingradius.com
Wed Feb 17 17:54:07 CET 2010
Adam Wien wrote:
> Here's my database setup.
Please read doc/rlm_sql.
> mysql> select * from radcheck where username='adam at cpanel.net';
> +------+-----------------+--------------------+----+----------+
> | id | username | attribute | op | value |
> +------+-----------------+--------------------+----+----------+
> | 1072 | adam at cpanel.net | Cleartext-Password | := | BLANK |
> +------+-----------------+--------------------+----+----------+
Defines a password...
> mysql> select * from radgroupcheck;
> +------+-----------+-------------------+----+-------+
> | id | groupname | attribute | op | value |
> +------+-----------+-------------------+----+-------+
> | 1072 | Sysadmin | Airespace-Wlan-Id | == | 9 |
> +------+-----------+-------------------+----+-------+
Says "group sysadmin checks if the airespace attribute matches"
> mysql> select * from radusergroup;
> +-----------------+-----------+----------+
> | username | groupname | priority |
> +-----------------+-----------+----------+
> | adam at cpanel.net | Sysadmin | 1 |
> +-----------------+-----------+----------+
Says "user adam... is in group sysadmin".
Where did you configure it do *do* something, like reject the user?
This configuration does *not* deny users access by matching
Airespace-Wlan-Id. That should be clear: there is no "deny" rule!
Alan DeKok.
More information about the Freeradius-Users
mailing list