Hi,

But wouldn't that require using the users file instead of MySQL? Can the radcheck table be used in the same way? What I mean is, can a user have multiple entries within the table? At the moment we just have a single entry for each user:

+----+-----------------------------------+-----------+----+-----------+
| id | UserName                          | Attribute | op | Value     |
+----+-----------------------------------+-----------+----+-----------+
|  1 | [EMAIL PROTECTED]                         | Password  | == | test      |
+----+-----------------------------------+-----------+----+-----------+

But would this accomplish the same as using the users file:

+----+-----------------------------------+-----------+----+-----------+
| id | UserName                          | Attribute | op | Value     |
+----+-----------------------------------+-----------+----+-----------+
|  1 | [EMAIL PROTECTED]                         | Password  | == | test      |
|  2 | [EMAIL PROTECTED]                         | Auth-Type | := | Reject    |
+----+-----------------------------------+-----------+----+-----------+

I'm not going to be able to actually try this for myself until Monday, but any advice in advance would be greatly appreciated.



Kind regards,
Tim O'Donovan



Joe Maimon wrote:



Tim O'Donovan wrote:

Hi,

Does anyone know of a simple way to invoke an Access-Reject for a user at the authenticate stage? Without changing the stored password. I have tried altering the 'op' to != and all manner of other combinations from within the rad_check table without success.

We would just like to be able to ban/unban a user with a single SQL update statement.


in the users file, setting a check item like this

user    Auth-Type := "Reject"

Seems to do the job.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to