SQL Statement in users file

Phil Mayers p.mayers at imperial.ac.uk
Thu Jan 5 17:28:51 CET 2012

On 05/01/12 15:24, McSparin, Joe wrote:
> Does this seem like a doable scenario in the users file it doesn't
> return anything but I'm not sure if it is query issue or if those values
> are not available in the users file.
> DEFAULT Auth-Type = "ntlm_auth"
> Tunnel-Type = "VLAN",
> Tunnel-Medium-Type = "IEEE-802",
> Tunnel-Private-Group-id = "%{sql:SELECT 'vlans.assigned_vlan' FROM
> 'vlans' WHERE 'vlans.device_mac' = '%{Calling-Station-Id}'}"

That should work.

What does the "debug" say?

It is often preferable to use "unlang" to "users" files entries in the 
current server versions; there's a bit more flexibility, in particular 
you can run the SQL query once in post-auth, and in debug mode you get a 
better idea of what actually matches. e.g.

post-auth {
   update reply {
     Tunnel-Type = "VLAN",
     Tunnel-Medium-Type = "IEEE-802",
     Tunnel-Private-Group-id = "%{sql:SELECT ...}"

More information about the Freeradius-Users mailing list