Dear Mr. Parker: I have tried to express clearly. I perfectly know how annoying is some lamer throw you a lot of questions "it doesnt work" or "how to blabla". I am sorry!
Dear Mr. DeKok: Radius is a whole new land for me. I am sorry that I am misusing different terms. To both: my question is: "How to add some attributes to EVERY user authenticated (authorized?) through my RADIUS server NO MATTER of authorization (authentication?) scheme used (system/sql/ldap/whatever)?" The answer was already included in Mr. DeKok's clear instructions at the end of his message, which I am very grateful for. Thank you for patience! Alan DeKok said: > "Kliment Toshkov" <[EMAIL PROTECTED]> wrote: >> It seems that you are the most qualified in FreeRadius. >> Why do you reply with quotes? I have read them lot of times. > > Uh... I have no idea what you mean by that. > >> Probably most usefull answer will be the one to "WHAT exactly >> Auth-Type should be set in DEFAULT to allow authorization through >> MySQL module"? > > You don't. Authorization has nothing to do with authentication. > >> Setting DEFAULT to Local or System results in accounting request being >> rejected and you are perfectly aware of that! > > Uh, no I'm not. Again, I have no idea what you mean by that. > > "Local" or "System" usually refer to authentication types. > Authentication types have NOTHING to do with accounting requests. If > you think they do, either there's something you've missed, or you've > misconfigured your system. > > > I don't use SQL, so I'm not that familiar with it, sorry. If you're > looking for SQL specific questions, I *can't* answer them. > > > The 'User-Password' attribute SHOULD be pulled out of the SQL > database during authorization. After that, any type of authentication > you want, pap, chap, EAP, or whatever. > > The DEFAULT statement can be used in the SQL database to set default > replies. Exactly how do you do that? Sorry, I don't use SQL, and I > just don't know. > > > That being said, it should be pretty simple to list 'files' after > 'sql' in the 'authorize' section of the configuration file. You > 'users' file can then be nothing more than: > > DEFAULT > Exec-Program = "/foo/bar" > > > I would suggest that you be very clear as to what you want to do, > and be very clear as to how the server behaves. Mixing up > "authorization", "authentication", and "accounting" is a guaranteed way > of confusing the issue, and of making it impossible to solve your > problem. > > Alan DeKok. > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html -- Technical Director of VIKET Networks web/mail: www.viket.net; [EMAIL PROTECTED] gsm/gsm2: +359 88 803280; +359 87 800743 ----------------------------------------- Get YOUR internet access NOW! 40 hours unlimited access for only 6 lv! http://www.viket.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
