Local user or DB?

Alan DeKok aland at deployingradius.com
Fri Jan 22 15:58:45 CET 2016


On Jan 22, 2016, at 9:42 AM, Tevfik Ceydeliler <tevfik.ceydeliler at astron.yasar.com.tr> wrote:
> 
> OK. Let me clearify my problem.
> There are 3 places where located my users.

  Which users are where?  Is it random?  Or is there a method to the organization of users?

  And why not just unify all of the users into one database?

> If user  try to authenticate and if this user defined local file or MySQL radiusdb, there is no problem.
> If user try to authenticate and if this user is defined im MSSQL DB, I have to use custom query.

  OK...

> Thats' why freeradius should know where com from authentication request and which custom query will be run .

  How do you expect it to know that?  i.e. is it random?  Is it something in the packet?

> To separate localfiles/Mysql and MSSQL  can I use realm? and If possible how can I trigger this custom query?

  You can run a custom query by using "unlang" policies.

  As to *when* to run the custom query, that's up to you.

  Right now, your problem statement is this:

- I have users in database A, B, or C
- when requests come with a user-name, I want to check one of the 3 databases
- but I don't know which database to check
- and I don't want to check all of them

  So... figure out which database you want to check, and why that user is in that database.

  FreeRADIUS isn't magic.  There's no magical way for it to know what to do.  You can't write policies which say "magically do what I want".

  You need to know what you want FreeRADIUS to do.  Then, write those rules down in "unlang".

  If you don't know what you want FreeRADIUS to do, then you can't configure it to do anything.

  Alan DeKok.




More information about the Freeradius-Users mailing list