SQL and Huntgroups

Fajar A. Nugraha list at fajar.net
Tue Apr 30 00:35:43 CEST 2013

On Tue, Apr 30, 2013 at 4:31 AM, Grégoire Leroy
<gregoire.leroy at retenodus.net> wrote:
> Maybe I was not clear enough above.
> What I want is :
> 1) Set the password for the user
> 2) Authentication of the user
> 3) X is always added to the reply if the user is authenticated
> 4) Moreover, Y is added to the reply for NAS, still if the user is authenticated
> I use radreply for X, the issue here is step 4. The how-to on the wiki about huntgroups and SQL
> recommends to use unlang in the authorize section. So, I update the request to assign the Huntgroup-
> Name attribute, and use unlang to add the Y configuration (user dependent) if the huntgroupname is
> "one_huntgroup_name".

That's not what the wiki said. Well, you can do that, but it doesn't
say that you can ONLY do that. You can do other stuff as well.


It pretty much said that:
- you need to add an entry to radgroupcheck, so that when
Huntgroup-Name matches a value (site_a), an SQL group (site_a_admins)
will be assigned
- you add entries to radgroupreply to return
whatever-attribute-value-pairs-you-want for site_a_admins group.

> That's why I maintain a seperate table, for Y configuration, and I would like to be able to
> dynamically update my request with the attributes,op,values of the user.
> Is it possible ?

Read the wiki.


More information about the Freeradius-Users mailing list