Is it possible to set Simultaneous-Use without any SQL/LDAP database ?
Alan DeKok
aland at deployingradius.com
Tue Jan 22 18:47:11 CET 2019
On Jan 22, 2019, at 12:38 PM, Olivier <oza.4h07 at gmail.com> wrote:
>
> Reading this mailing list late messages (from last October up to now), I
> noticed most if not all, questions related to Simultaneous-Use setting
> mentioned some sort of database.
The database is for tracking user sessions. Without a database, you can't track user sessions.
FreeRADIUS implements a simple database in rlm_radutmp. But it's not recommended. It's simple, and has minimal functionality.
If you have 5K users, radutmp is fine. If you have more, use a real database.
> 1. Is it possible to set a value for Simultaneous-Use parameter and still
> define authorized users with a simple file or is it required to use some
> sort of database (*) ?
You don't need a database to *define* users. You need a database to *track* users.
You can put users and passwords into LDAP, and then use SQL to store session data. Or, put users into the "files" module, and use "radutmp" to store session data.
> My target implementation is Debian Stretch with Freeradius 3.0.12.
> With it, I defined what I call users in a file
> /etc/freeradius/3.0/mods-config/files/authorize with entries such as :
> 999_9999 Cleartext-Password := "mysuperpassword"
>
> 2. If possible, can set this Simultaneous-Use within this authorize file
That's what the documentation says to do.
> or
> shall I use an other file (I'm thinking of
> /etc/freeradius/3.0/mods-config/files/accounting ?
That's for accounting... not authorization.
Alan DeKok.
More information about the Freeradius-Users
mailing list