i use freeradius-0.4 to AAA a dialup realm (@realm)
(should work for 0.4+ i guess, it's a relly simple setup)
and here's what works for me:
--radiusd.conf--
...
modules {
...
preprocess {
...
hints = ${confdir}/hints
...
}
...
$INCLUDE ${confdir}/sql.conf
...
}
...
authorize {
preprocess
sql
}
authenticate {
sql
}
...
------------------
i use the preprocess to strip the realm (i have usernames of the
kind usr@realm, and i service only "myrealm", so i keep usernames
stripped).
--hints--
...
DEFAULT Suffix = "@myrealm", Strip-User-Name = Yes
Hint = "@myrealm",
Service-Type = Framed-User,
Framed-Protocol = PPP
...
------------------
and finaly, the mysql tables:
--radcheck--
...
| 928 | rtieva | Password | s2wSv3ss |
...
------------------
"Clear text passwords ??" -
"I just love answering the question: What my password was ?"
other tables, i believe, are irrelevant to this case.
i guess i could use some table for setting Service-Type and Framed-Protocol
(and other VAs as well), but since hints takes care of it why poison the db?
access times for different users is done via Exec-Program-Wait from
radgroupreply table. script does extensive checks, but that also is not
relevant to the case...
hope it helps.
On Thursday 12 September 2002 19:18, you wrote:
> > NetNITCO Systems Administration <[EMAIL PROTECTED]> wrote:
> > > but I need to be able to authenticate with user/passwords from MySQL.
so, what do you need pam for ?!
> changes, trying database data changes to no avail. My last option is to try
> Radiator, which I have installed the demo for, but I'm not comfortable with
i'd stick with the freeradius ... but that's me.
> It seems that I must just be missing something very simple, but I just
> can't put my finger on it.
it's often this way :-)
> --Josh Snyder
> NetNITCO Systems Administration
>
--
--------------------
Konstantin Tsolov
Systems Administrator
Information Services PLC
Sofia, Bulgaria
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
