User-Profile and Fall-Through attributes

Fernando Pizarro feanpg at gmail.com
Sat Jan 11 16:13:00 CET 2014 

Hi all,

I'm running FreeRADIUS version 2.1.12 on Debian 7.3 and I'm using 
User-Profile attribute to organise my users into profiles. I have active 
read_groups in sql.conf file but in all groups I need add Fall-Through 
to get all attributes of the groups.

  Module: Linked to module rlm_sql
  Module: Instantiating module "sql" from file /etc/freeradius/sql.conf
   sql {
         driver = "rlm_sql_mysql"
         server = "localhost"
         port = ""
         login = "radius"
         password = "radpass"
         radius_db = "radiusdb"
*read_groups = yes*
         sqltrace = no
         sqltracefile = "/var/log/freeradius/sqltrace.sql"
         readclients = yes
         deletestalesessions = yes

For example: With Fall-Through attribute equal Yes, there is the result

[sql] *Checking profile DF_V2_U3*
[sql] sql_set_user escaped user --> 'DF_V2_U3'
[sql]   expand: SELECT groupname           FROM radusergroup           
WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT 
groupname           FROM radusergroup           WHERE username = 
'DF_V2_U3'           ORDER BY priority
[sql]   expand: SELECT id, groupname, attribute,           Value, 
op           FROM radgroupcheck           WHERE groupname = 
'%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, 
attribute,           Value, op           FROM radgroupcheck           
WHERE groupname = 'DF'           ORDER BY id
[sql] *User found in group DF*
[sql]   expand: SELECT id, groupname, attribute,           value, 
op           FROM radgroupreply           WHERE groupname = 
'%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, 
attribute,           value, op           FROM radgroupreply           
WHERE groupname = 'DF'           ORDER BY id
[sql]   expand: SELECT id, groupname, attribute,           Value, 
op           FROM radgroupcheck           WHERE groupname = 
'%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, 
attribute,           Value, op           FROM radgroupcheck           
WHERE groupname = 'V2'           ORDER BY id
[sql] *User found in group V2*
[sql]   expand: SELECT id, groupname, attribute,           value, 
op           FROM radgroupreply           WHERE groupname = 
'%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, 
attribute,           value, op           FROM radgroupreply           
WHERE groupname = 'V2'           ORDER BY id
[sql]   expand: SELECT id, groupname, attribute,           Value, 
op           FROM radgroupcheck           WHERE groupname = 
'%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, 
attribute,           Value, op           FROM radgroupcheck           
WHERE groupname = 'EX'           ORDER BY id
[sql] *User found in group EX*
[sql]   expand: SELECT id, groupname, attribute,           value, 
op           FROM radgroupreply           WHERE groupname = 
'%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, 
attribute,           value, op           FROM radgroupreply           
WHERE groupname = 'EX'           ORDER BY id
[sql]   expand: SELECT id, groupname, attribute,           Value, 
op           FROM radgroupcheck           WHERE groupname = 
'%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, 
attribute,           Value, op           FROM radgroupcheck           
WHERE groupname = 'U3'           ORDER BY id
[sql] *User found in group U3*
[sql]   expand: SELECT id, groupname, attribute,           value, 
op           FROM radgroupreply           WHERE groupname = 
'%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, 
attribute,           value, op           FROM radgroupreply           
WHERE groupname = 'U3'           ORDER BY id
rlm_sql (sql): Released sql socket id: 3
++[sql] returns ok

And with Fall-Through equal No or without it:

[sql] *Checking profile DF_V2_U3*
[sql] sql_set_user escaped user --> 'DF_V2_U3'
[sql]   expand: SELECT groupname           FROM radusergroup           
WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT 
groupname           FROM radusergroup           WHERE username = 
'DF_V2_U3'           ORDER BY priority
[sql]   expand: SELECT id, groupname, attribute,           Value, 
op           FROM radgroupcheck           WHERE groupname = 
'%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, 
attribute,           Value, op           FROM radgroupcheck           
WHERE groupname = 'DF'           ORDER BY id
[sql] *User found in group DF*
[sql]   expand: SELECT id, groupname, attribute,           value, 
op           FROM radgroupreply           WHERE groupname = 
'%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, 
attribute,           value, op           FROM radgroupreply           
WHERE groupname = 'DF'           ORDER BY id
rlm_sql (sql): Released sql socket id: 2
++[sql] returns ok

I add the User-Name and User-Profile with Fall-Through attribute in 
radreply table but doesn't work. Always I need add Fall-Through 
attribute at the groups or there are another way to create profiles?

Regards. Fernando.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140111/852fae16/attachment.html>

More information about the Freeradius-Users mailing list