> Check out the default_user_profile directive in sql.conf. This feature has been > added in the latest versions of the sql module. The comments in sql.conf should > also be very helpfull. Ok, I've found it. After some tests, I've reached the situation: default profile works, in fact. But in my case, I need to set up a default profile with Auth-Type=Accept; the problem is FreeRadius applies default profile to all users, BEFORE verifying radcheck table. This way, everybody can log in, with any password, and falls in default profile. In this point, IC-Radius is more intelligent (or I'm more stupid, and didn't find the way): IC verifies radcheck table BEFORE, and if the supplied credentials are ok, authenticates the registered user; otherwise - since the credentials aren't in radcheck tables - the user falls in DEFAULT scope, going to a group according with radgroup table (where I can setup different pool, NAS filter, and so on)
This is the puzzle. Maybe I've missed something, but as far as I've gone, there's no way to: a) if the login/pass EXISTS in radcheck, authenticate the user with the credentials; b) OTHERWISE, apply group features to this user, now a DEFAULT user. If there's any way to do this, I'll be very helpful. FreeRadius seems to be more functional than ICradius, but for now, I've switched back. -- Fernando - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html