You can do this. First setup two different tables for auth. Maybe cedt_authcheck and ece_authcheck. Setup your permissions to modify those tables appropriately in mysql.
Then in sql.conf, comment out the authcheck_table variable and create two new ones. ie: cedt_authcheck = "cedt_authcheck" ece_authcheck = "ece_authcheck" Then in the authorize_check_query, use a UNION statement. ie: authorize_check_query = "(SELECT id,UserName,Attribute,Value,op FROM ${cedt_authcheck} WHERE Username = '{SQL-User-Name}' ORDER by id) UNION (SELECT id,UserName,Attribute,Value,op FROM ${ece_authcheck} WHERE UserName = '{SQL-User-Name}' ORDER by id)" This will make radius do two queries, one for each table and do a union on them. This will allow you to check two different tables for each login and you can assign permissions to modify those to only certain users in each department. Do something similar for your reply_queries, by creating two seperate reply tables and running a UNION on them. -Dusty Doris On Thu, 25 Nov 2004, Manjunath M Prabhu wrote: > Hi alan, > i am looking at a situation, where I as a main system admin and service > provider > for IISC maintain a single RADIUS server. I have to provide services to 2 > departments, say CEDT-users and ECE-users. I want to maintain 2 radius > databases (say, radius-1 and radius-2). These radius-1 and 2 databases are to > be mainatined by system admins of respective departments. They shld not be > able > to tamper with each other's databases. > Is this possible?? Do I have to change sql.conf???I am planning to use the > mysql > server. > > thanks, > regards, > Manjunath > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html