Re: users fil vs sql
On Mon, 18 Sep 2006, Alan DeKok wrote: |-Keith Woodworth [EMAIL PROTECTED] wrote: |- While this is ok, how does radius get configured to use the sql table to |- send the replies, not the users file? |- |- Look in radiusd.conf for sql. You have to configure the SQL |-module. Snip from radiusd.conf: # Look in an SQL database. The schema of the database # is meant to mirror the users file. # # See Authorization Queries in sql.conf sql This has been uncommented in radiusd.conf since the start. Which part of the SQL module needs to be configured? I'm not grokking that part. Thanks. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: users fil vs sql
Keith Woodworth [EMAIL PROTECTED] wrote: This has been uncommented in radiusd.conf since the start. Which part of the SQL module needs to be configured? I'm not grokking that part. See *all* references to sql in radiusd.conf. See doc/rlm_sql. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: users fil vs sql
On Tue, 19 Sep 2006, Alan DeKok wrote: |-Keith Woodworth [EMAIL PROTECTED] wrote: |- This has been uncommented in radiusd.conf since the start. Which part of |- the SQL module needs to be configured? I'm not grokking that part. |- |- See *all* references to sql in radiusd.conf. See doc/rlm_sql. I had read rlm_sql before, but did so again with a more careful eye and notice this for the flow of sql: 1. Search the radcheck table for any check attributes specific to the user 2. If check attributes are found, and there's a match, pull the reply items from the radreply table for this user and add them to the reply 3. Group processing then begins if any of the following conditions are met: a. The user IS NOT found in radcheck b. The user IS found in radcheck, but the check items don't match c. The user IS found in radcheck, the check items DO match AND the read_groups directive is set to 'yes' Where is the read_groups directive? Or does it exist? Thanks, Keith - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
users fil vs sql
Ive got things working using 1.1.3, username in radcheck with crypt-password, using auth-type = Local in radgroupcheck. I'm using the flat Users file with a simple 6 line Default entry to make it all work. On my test bed this has been working quite well for the last 3 days. While this is ok, how does radius get configured to use the sql table to send the replies, not the users file? Ive tried commenting out all the files entries in radiusd.conf but radius sends back a access-accept but the client side gets rejected. Thanks, Keith - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: users fil vs sql
Keith Woodworth [EMAIL PROTECTED] wrote: While this is ok, how does radius get configured to use the sql table to send the replies, not the users file? Look in radiusd.conf for sql. You have to configure the SQL module. Ive tried commenting out all the files entries in radiusd.conf but radius sends back a access-accept but the client side gets rejected. Telling the server to NOT use files won't help it to use SQL. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
