Username OR Serial Number

Alan DeKok aland at
Tue Nov 29 18:12:27 CET 2016

On Nov 29, 2016, at 11:52 AM, David Teston <dteston at> wrote:
>>> [From my initial message] let /policy.d/filter determine how to process
> it.
>> [From your first message] when someone logs in using a serial number,
> look that up in the table, get the name.
> How will it know whether or not they're using a serial number?

  How will *you* now it's a serial number?  It's not like the contents of the User-Name are secret.  You know what they are, and you can look at them to see which ones are serials and which ones are not.  Then, write "unlang" rules to tell them apart.

  Or even simpler, just look up every User-Name in the table, as if the User-Name was a serial number.  If something is found, the User-Name must have been a serial number.  If nothing is found, the User-name is not a serial number.

>> have a table which maps serial numbers to User-Names.
> Could I just add a "serial" column to the radcheck table?

  Maybe.  I'd avoid changing the default configuration / schema / queries.  It makes upgrading more difficult.

  Adding one more table && a single SELECT statement is rather a lot simpler.

  Alan DeKok.

More information about the Freeradius-Users mailing list