"Christoph Haas" <[EMAIL PROTECTED]> wrote: > In which order are requests accepted or denied when using MySQL > *and* the 'users' file?
Both the 'users' file and the MySQL are processed. If you want only one or the other, you'll have to set the configurable fail-over sections of the module. See the 'doc' directory for more information. > However when I create an entry for a user with equal attributes > both in the MySQL database and in the 'users' file then the results > are irritating. Let's say I set the order: files/sql. Perhaps 'unexpected'. > What I get in return are the Reply-Items stored in the MySQL > database. Yes. They over-write the ones set by the 'users' file. > Hmmm... I'd expected to get the first positive match which would be > "files" instead of "sql" as I was not using any Fall-Through flags > here. The 'Fall-Through' attribute applies to only to items in the 'users' file. It doesn't affect MySQL at all, or the follow-through from 'files' to 'sql'. Hmm... it may be useful to have a server configuration attribute to control this, so that you can set it in the 'users' file. > Now what? If MySQL and the 'users' file are both used and at least > the MySQL entry matches then the MySQL Reply-Items have priority? > I am very confused and do not dare to use this configuration in our > setup of app. 100 users. Maybe someone can enlighten me? I'll quote what you said before: > However when I create an entry for a user with equal attributes > both in the MySQL database and in the 'users' file... How do you know that the attributes are from MySQL, and not from the 'users' file? I would suggest that you create DIFFERENT configurations in 'files' and 'mysql' for the same user. You will then be able to see what happens. We also need to apply the patch to the SQL module, which allows the use of operators in the SQL configuration. I have a patch sitting around, but it's old, and won't apply to the current version. > BTW, I find freeradius being much better than some commercial > servers which should cost about $5000. Keep up the good work and > *please* write better documentation to prevent the madhouses from > filling. ;) We try. Unfortunately, there's no money in writing documentation, so most free software comes with little or no documentation, sorry. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
