> On Wed, Feb 23, 2005 at 08:22:21AM +1100, Michael Mitchell wrote: > > From: Michael Mitchell <[EMAIL PROTECTED]> > > To: freeradius-users@lists.freeradius.org > > Subject: Re: Grouping accounts > > Date: Wed, 23 Feb 2005 08:22:21 +1100 > > > > I'm not sure that Steven ever mentioned that his user database is ldap > > (perhaps Steven could clarify this for us?)?? > > PostgreSQL.
Must have combined posts in my head and thought you were doing ldap. Sorry. > > I'm sure you could do a very similar thing with sql - have an "Account" > > table for billing purposes, and a "Service" table for authentication > > purposes, with each service linked back to the "Account" via an "Account > > ID". > > > > You may have to play with the accounting queries in the sql module > > configuration a little if you want the accounting records to reference > > the "Account ID"... > > I've been talking to the boss and one of the Perl programmers. Apparently > we're going to do it using FreeRadius/Perl/PostgreSQL. > > I thought LDAP was the way to go, but I was wrong. > > Steven. I think LDAP is the way to go, as its designed just for this kind of thing. It is optimized for reads, and its purpose is to store attributes about an object. This is really what authorization and authentication is all about (in my opinion). But, postgres will probably get you what you need too. You can do something similar to what I talked about for ldap. You will create two sql instances and then change the sql queries for each one. sql ftpusers { authorize_check_query = "SELECT .... from something..." } sql dialusers { ... } Then modify the users so that the huntgroup for ftp users runs ftpusers sql instance and dial to dial. Good luck. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html