Access-Accept if user exists in database

Mika mika.koivisto at
Mon Jan 30 13:51:59 CET 2012

Running 2.1.10 with virtual-servers configured with many port
configurations, sql modules loaded and working.
The idea for this new port is:
Users authenticating with smartcards that get checked outside the FreeRadius
and we want to permit/deny access if the user-name does or does not exist in
a SQL database.
This means no User-Password checking.
We have the NAS configured so it will send user-name and an empty or a bogus
password in the Access-Request for each User-Name
I would like to add a port configuration that checks the above. 
My unlang skill are limited so i am hoping for some good pointers here.
Something like:

authorize {
update request {
TmpString := "%{sql:select User FROM table where.... }"
if User-Name == %{TmpString}
send Access-Accept
send Access-Reject

There are probably easier ways of doing this?
Is this possible or is the User-Password required for every authentication?
Any help appreciated.


View this message in context:
Sent from the FreeRadius - User mailing list archive at

More information about the Freeradius-Users mailing list