So, basically if i didn't understand incorrectly, the user must also exist in the sql database for it to be checked against the radgroupcheck table and for attributes in the radreply table to be sent back to the NAS.
an hybrid configuration cannot be done? as my schema, being an active directory, is pretty strict and i cant modify it without the risk of screwing it up, and even if i could mess with the schema, groupcheck when LDAP is involved, in all examples i've seen, has always been done using file backend (raddb/users). it would be really useful for me to be able to populate the groupcheck and radgroupreply tables with the parameters i need, and keep the user authentication in LDAP. --------- Original Message -------- Da: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org> To: "freeradius-users@lists.freeradius.org" <freeradius-users@lists.freeradius.org> Oggetto: Re: Groups in active directory and checks in MySQL Data: 26/08/13 13:22 On 08/26/2013 09:04 AM, Atomikramp wrote: > but it's not giving the same result, the check against sql is ignored > and the user is authed successfully. Because: > [sql] User sogo1 not found > ++[sql] returns notfound -- Caselle da 1GB, trasmetti allegati fino a 3GB e in piu' IMAP, POP3 e SMTP autenticato? GRATIS solo con Email.it: http://www.email.it/f Sponsor: SUPERMARIO: Acquista Peluche e T-shirt Originali su mistercupido.com Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=12899&d=20130826 -- Caselle da 1GB, trasmetti allegati fino a 3GB e in piu' IMAP, POP3 e SMTP autenticato? GRATIS solo con Email.it http://www.email.it/f Sponsor: BARBAPAPA': Acquista i Peluche Originali su mistercupido.com Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=12898&d=26-8
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html