On Feb 17, 2010, at 10:54 AM, Alan DeKok wrote: > Adam Wien wrote: >> Here's my database setup. > > Please read doc/rlm_sql. > >> mysql> select * from radcheck where username='a...@cpanel.net'; >> +------+-----------------+--------------------+----+----------+ >> | id | username | attribute | op | value | >> +------+-----------------+--------------------+----+----------+ >> | 1072 | a...@cpanel.net | Cleartext-Password | := | BLANK | >> +------+-----------------+--------------------+----+----------+ > > Defines a password... > >> mysql> select * from radgroupcheck; >> +------+-----------+-------------------+----+-------+ >> | id | groupname | attribute | op | value | >> +------+-----------+-------------------+----+-------+ >> | 1072 | Sysadmin | Airespace-Wlan-Id | == | 9 | >> +------+-----------+-------------------+----+-------+ > > Says "group sysadmin checks if the airespace attribute matches" > >> mysql> select * from radusergroup; >> +-----------------+-----------+----------+ >> | username | groupname | priority | >> +-----------------+-----------+----------+ >> | a...@cpanel.net | Sysadmin | 1 | >> +-----------------+-----------+----------+ > > Says "user adam... is in group sysadmin". > > Where did you configure it do *do* something, like reject the user?
I guess that's my real question. What database does that belong in? I've tried adding it to 'radgroupreply' and also 'radgroupcheck' with a higher ID(although the latter doesn't seem correct). > > This configuration does *not* deny users access by matching > Airespace-Wlan-Id. That should be clear: there is no "deny" rule! > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html