Done. There are more examples for using Auth-Type Reject, which is essentially the same thing for banning users. It might make sense to group them under the heading "How to ban/permit users regardless of the password".
Ivan Kalik Kalik Informatika ISP Dana 5/5/2008, "Dejan Markic" <[EMAIL PROTECTED]> piše: >Hello! > >Thanks, this cleared up the thing ... it's working now. >It would be great if this, what you wrote to me, would be on the FAQ - as what >is written now, and I've read it, didn't give me correct clue :) > >Thanks! > >Kind regards, >Dejan > >-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ivan Kalik >Sent: Monday, May 05, 2008 1:07 PM >To: FreeRadius users mailing list >Subject: Re: Different replies based on Service-Type > >Yes. Just add Auth-Type := Accept in radgroupcheck for Call-Check group. >This is documented in FAQ, you just adapt it for your case: > >http://wiki.freeradius.org/index.php/FreeRADIUS_Wiki:FAQ#How_do_I_permit_access_to_any_user_regardless_of_password.3F > >Ivan Kalik >Kalik Informatika ISP > > >Dana 5/5/2008, "Dejan Markic" <[EMAIL PROTECTED]> piše: > >>Hello! >> >>I need some configuration help, I'm stuck! I have configured Freeradius to >>work great with PPP access with user/pass, etc using rlm_sql module with >>MySQL. >>Now I have a problem. I have different requests coming in from OpenSER. One >>is authentication it self (the registration) which includes the user/pass >>combination - the packet looks like this: >> User-Name = "[EMAIL PROTECTED]" >> Digest-Attributes = 0x0a073130303030 >> Digest-Attributes = 0x0110766f69702e6962757273742e7369 >> Digest-Attributes = >> 0x022a34383165633632613431333361613638303939666434316333306136396363643665363765353239 >> Digest-Attributes = 0x04147369703a766f69702e6962757273742e7369 >> Digest-Attributes = 0x030a5245474953544552 >> Digest-Response = "0d741120406c55bb2631bc16ba79eedc" >> Service-Type = Sip-Session >> Sip-Uri-User = "10000" >> NAS-Port = 5060 >> NAS-IP-Address = 172.16.3.10 >> >>This works OK, and user get's authenticated. But how could I match also this >>query received: >> >> User-Name = "[EMAIL PROTECTED]" >> Service-Type = Call-Check >> NAS-Port = 0 >> NAS-IP-Address = 172.16.3.10 >> >>Now, there's no Password or anything, I would just like to check if this user >>is in the database. >>I have put the user into two groups, one checking for Service-Type >>Sip-Session and the other to Service-Type Call-Check. I can see in the debug, >>that the user was found in Call-Check group, but then radius sends REJECT as >>there was no password provided. Can I somehow send Accept, without user/pass >>checking, if the user was found in this group?! >> >>Thank you for any inputs regarding this issue. >> >>Kind regards, >>Dejan Markic >> >>- >>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html >> >> > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html