question about mac auth, vlans and mysql queries.

Nazzareno Taborgna nazzareno.taborgna at lngs.infn.it
Wed Nov 18 13:45:05 CET 2015


Il 18/11/2015 12:12, Микаел Бак ha scritto:
> On 2015-11-18 12:06, Nazzareno Taborgna wrote:
> [snip]
>> but when it is in the file dialup.conf:
>>
>> #   authorize_check_query = "SELECT r.id, r.username, r.attribute,
>> r.value, r.op, rg.groupname, ry.value, ptrnas, nasname   \
>>          FROM  radcheck r  LEFT JOIN radusergroup rg ON
>> r.username=rg.username \
>>                  LEFT JOIN radgroupreply ry on rg.groupname=ry.groupname \
>>                  LEFT JOIN nasvlan  on ry.value=vlan \
>>                  LEFT JOIN nas on nasvlan.ptrnas=nas.id         \
>>                  WHERE r.username='%{NAS-IP-Address}' AND
>> ry.attribute='Tunnel-Private-Group-ID' \
>>                                        AND nasname='%{NAS-IP-Address}'
>> ORDER BY radcheck.id "
>> #
>> the freeradius deads:
>> /usr/sbin/freeradius -X
>> ...
>> including configuration file /etc/freeradius/sql/mysql/dialup.conf
>> /etc/freeradius/sql/mysql/dialup.conf[130]: Expecting section start
>> brace '{' after "FROM radcheck"
>> Errors reading or parsing /etc/freeradius/radiusd.conf
>>
> As I see it, you forgot to uncomment the first line of the query.
>
> HTH,
> Mikael
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
My other error was in

WHERE r.username='%{NAS-IP-Address}' AND

it should be

WHERE r.username='%{SQL-User-Name}' AND

Now it is working fine.






More information about the Freeradius-Users mailing list