multi ssid use multi radcheck
gh.li at microshield.com.cn
gh.li at microshield.com.cn
Thu Mar 23 06:34:57 CET 2017
hi,
I think I must thanks for FR project @Alan DeKok and @others.it is a great and prefect job.
I hava two ssid,SSID-TMP for temporary user and the SSID-EMP for employee-user,they both use the realm_sql for auth.
the data in radcheck as follows:
current,in raddb/sq/mysql/dialup.conf,
authorize_check_query = "SELECT id, username, attribute, value, op FROM ${authcheck_table} WHERE username = '%{SQL-User-Name}' ORDER BY id"
so when a temporary user tmp_user connect SSID-EMP(for employee),he also get the correct password for connecting the SSID-EMP.that should be disabled.
the problem is:how can I map the user to the correct record?
I have extented radcheck tables with field user_ssid,so the records like:
and change the authorize_check_query statement to:
"SELECT id, username, attribute, value, op FROM ${authcheck_table} WHERE username = '%{SQL-User-Name}' and ssid='%{Aruba_Essid_Name}' ORDER BY id"
but I donot get the correct sql statement:
SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'emp' and ssid='' ORDER BY id
another approach:
I define another virtual server,but they use the same sql realm,and use the same sql_query statement,
How can I achieve the resule what I want?
I am confused about this,thanks for any suggestion or advise,
apologize for my english,
gh.li
tel:+8613910260406
email:gh.li at microshield.com.cn
More information about the Freeradius-Users
mailing list