Re: The MySQL databases for Freeradius
> I am sitting here trying to figure out how FreeRadius works towards MySQL. > > The database "radcheck" is for a singeluser if I have understood it > correctly. > > What I want to do is that through MS Access make a form where I can add > several attributes to the same row in the table. > > But since radcheck only seem to work with one attribute per row for one > user I dont really know how to do. You *can* have multiple entries (rows) for each user. You don't have to cram everything into a single row. > What I mean is that if I have a user called "test-user" and want to have > two attributes for that user, in this case "Cleartext-Password" & > "NAS-Port-Id" I need to have two rows for that user. Tes, you do. > radcheck: > > -- > > |id|username |attribute |op |value | > > |1 |user-test |Cleartext-Password|== |test-pass | That should be :=. > |2 |user-test |NAS-Port-Id |== |raket | > > --- > > The reason I want to make a form is because I want others than me being > able to add new users and have them connected to the correct group which > then will have a separate VLAN and SSID. The form you generate with MS Access will put data into - MS Access backend. You can't connect that form to MySQL. If you are a fan of Windows use Windows (ASP.NET) forms or webforms which can place data into MySQL. Freeradius comes with it's own admin GUI - dialup admin. There are also outside projects like daloRadius. Or you can make your own using things like PHP. > So then I thought that if i use the table called "radusergroup" and link > the user to a specific group it should work in a way that all members of > this group may only connect to the network if they try to connect to the > correct SSID. It seems that did not work either. No, it will not work. Groups in sql emulate DEFAULT entries in users file - if chack doesn't match, replies are ignored - user is not rejected. > I am at a loss here and > dont really know what I should do. If you want user to get rejected if SSID doesn't match, you will need to make it an entry in radcheck table. As long as the password is there too user will be rejected. Ivan Kalik - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: The MySQL databases for Freeradius
On 11/24/2009 10:32 AM, Peter Carlstedt wrote: The database "radcheck" is for a singeluser if I have understood it correctly. I don't know what you mean by single user, but radcheck has all the users in it. It may have more than one row for a given user if you want to check more than one attribute for that user. What I want to do is that through MS Access make a form where I can add several attributes to the same row in the table. I don't know what MS Access has to do with this unless you're somehow using it as a GUI front end to MySQL, but it should be obvious you can't have more than one attribute per row (because that's the schema). But since radcheck only seem to work with one attribute per row for one user I dont really know how to do. What I mean is that if I have a user called "test-user" and want to have two attributes for that user, in this case "Cleartext-Password" & "NAS-Port-Id" I need to have two rows for that user. Thats right. The way radcheck works is does a query for all the attributes associated with a user, if *any* attribute comparison matches (using the operator for that attribute) then the check succeeds. Caveat: some attributes are skipped during comparison (e.g. passwords, auth_type, etc.) because they aren't relevant during authorization. The table looks like this in Access(when i want to use two or more attributes): radcheck: -- _|id|username |attribute |op |value |_ |1 |user-test |Cleartext-Password|== |test-pass | |2 |user-test |NAS-Port-Id |== |raket | --- -- John Dennis Looking to carve out IT costs? www.redhat.com/carveoutcosts/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
The MySQL databases for Freeradius
Hello everyone! I am sitting here trying to figure out how FreeRadius works towards MySQL. It is quite hard for me to try to explain what I want to do since Im not good with MySQL but I will try anyway and hope someone will understand what I mean. =) The database "radcheck" is for a singeluser if I have understood it correctly. What I want to do is that through MS Access make a form where I can add several attributes to the same row in the table. But since radcheck only seem to work with one attribute per row for one user I dont really know how to do. What I mean is that if I have a user called "test-user" and want to have two attributes for that user, in this case "Cleartext-Password" & "NAS-Port-Id" I need to have two rows for that user. The table looks like this in Access(when i want to use two or more attributes): radcheck: -- |id|username |attribute |op |value | |1 |user-test |Cleartext-Password|== |test-pass | |2 |user-test |NAS-Port-Id |== |raket | --- The reason I want to make a form is because I want others than me being able to add new users and have them connected to the correct group which then will have a separate VLAN and SSID. So then I thought that if i use the table called "radusergroup" and link the user to a specific group it should work in a way that all members of this group may only connect to the network if they try to connect to the correct SSID. It seems that did not work either. I am at a loss here and dont really know what I should do. Sorry if my explaination is bad but it is quite hard for me to explain. Best regards/ Peter Carlstedt _ Windows Live: Keep your friends up to date with what you do online. http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_1:092010- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
