I'm having a problem with huntgroups and mysql, i see other threads about it but they just die so i'm posting again with as much information as i can give about what i've done for testing.
I have 1 huntgroup Authentium NAS-IP-Address == 127.0.0.1 and a user in 3 groups +-------+----------+------------+ | id | UserName | GroupName | +-------+----------+------------+ | 10494 | sdgusler | Propel | | 10726 | sdgusler | Authentium | | 10485 | sdgusler | V92 | +-------+----------+------------+ the groups are laid out as follows +----+------------+-------------------+----+-----------------+------+ | id | GroupName | Attribute | op | Value | prio | +----+------------+-------------------+----+-----------------+------+ | 1 | Propel | Propel-Accelerate | = | 1 | 0 | | 2 | V92 | Framed-IP-Address | = | 255.255.255.255 | 0 | | 3 | V92 | Framed-Protocol | = | PPP | 0 | | 4 | V92 | Idle-Timeout | = | 1200 | 0 | | 5 | V92 | Service-Type | = | 1 | 0 | | 6 | V92 | Session-Timeout | = | 28800 | 0 | | 8 | Authentium | Propel-Accelerate | = | 0 | 0 | +----+------------+-------------------+----+-----------------+------+ and their check attributes +----+---------------------------+----------------+----+------------+ | id | GroupName | Attribute | op | Value | +----+---------------------------+----------------+----+------------+ | 2 | Propel | Auth-Type | := | Local | | 3 | V92 | Auth-Type | := | Local | | 1 | Authentium | Huntgroup-Name | == | Authentium | | 6 | Authentium | Auth-Type | := | Local | +----+---------------------------+----------------+----+------------+ Now if i do a radtest from the box (localhost) while my user is in the authentium group and the huntgroup settings is set on it, it works but sends attributed from every groupname, if i radtest from anywhere else (the client config is right) it only sends me a reject. But if i take the huntgroup off of the authentium group it will work from localhost or other machines, sending me all attributes from every group... And furthermore when i get the attributes back when a huntgroup is matched (or not) it throws out whatever is found last, so if i define my group as Propel first (lower recordid in sql), and i send the Propel-Accelerate = 1 then define authentium has a higher recordid and Propel-Accelerate = 0, it will send back whatever it finds first, the propel group attribute, when it should send back only my huntgroup attributes, or atleast send all attributes and override matching attributes with my huntgroups what i'm looking for is radius to send me only the attributes from the huntgroup matched, if it comes from a match, and if not from one of the huntgroups it will either send whatever attributes from whatever groups i'm in or whatever attributes from whatever groups the user is in that doesn't have a huntgroup I'm not sure if that possible or even supposed to work like that but I don't think it's supposed to reject everyone but the huntgroup if you stick a user in a group with a huntgroup Thanks, Scott - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
