Matching Airespace-Wlan-Id in users files or radgroupcheck database

Adam Wien adam.wien at gmail.com
Wed Feb 17 18:26:01 CET 2010


On Feb 17, 2010, at 10:54 AM, Alan DeKok wrote:

> Adam Wien wrote:
>> Here's my database setup.
> 
>  Please read doc/rlm_sql.
> 
>> mysql> select * from radcheck where username='adam at cpanel.net';
>> +------+-----------------+--------------------+----+----------+
>> | id   | username        | attribute          | op | value    |
>> +------+-----------------+--------------------+----+----------+
>> | 1072 | adam at cpanel.net | Cleartext-Password | := | BLANK | 
>> +------+-----------------+--------------------+----+----------+
> 
>  Defines a password...
> 
>> mysql> select * from radgroupcheck;
>> +------+-----------+-------------------+----+-------+
>> | id   | groupname | attribute         | op | value |
>> +------+-----------+-------------------+----+-------+
>> | 1072 | Sysadmin  | Airespace-Wlan-Id | == | 9     | 
>> +------+-----------+-------------------+----+-------+
> 
>  Says "group sysadmin checks if the airespace attribute matches"
> 
>> mysql> select * from radusergroup;
>> +-----------------+-----------+----------+
>> | username        | groupname | priority |
>> +-----------------+-----------+----------+
>> | adam at cpanel.net | Sysadmin  |        1 | 
>> +-----------------+-----------+----------+
> 
>  Says "user adam... is in group sysadmin".
> 
>  Where did you configure it do *do* something, like reject the user?

I guess that's my real question. What database does that belong in? 

I've tried adding it to 'radgroupreply' and also 'radgroupcheck' with a higher ID(although the latter doesn't seem correct).



> 
>  This configuration does *not* deny users access by matching
> Airespace-Wlan-Id.  That should be clear: there is no "deny" rule!
> 
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





More information about the Freeradius-Users mailing list