Subject: Re: Turn of user acc - MySQL > > Deleting user from the database - bad idea. You do want him back?
I have users inside another table (name, address, id etc..) and only those who need access I transfer to radcheck table. So if I remove them from radcheck, I can easily turn them back. > > Auth-Type Reject is a check item so it would go into rad(group)check > table. It's better to create a group for suspended users and swithch > user to it than to add the attribute to each user. > > Think about using sqlcounters and/or Epiration attribute. Good ideas so I will think about it... Best regards > > Ivan Kalik > Kalik Informatika ISP > > > Dana 30/10/2007, "Marinko Tarlac" <[EMAIL PROTECTED]> pi?e: > > >Hello > > > >I made small web based application and it uses MySql database. I can > >add user accounts, create packages, add access points etc and now I > >need to create script for user control. > > > >Question is next. Is it better to remove the username from radcheck > >table or it is better option to add access-reject atribute for > >specific user in radreply table. Is there any better solution. Also > >I'm thinking to create small perl script which I can call during auth > >process. > > > >I'm not sure did you understand me :) > >- > >List info/subscribe/unsubscribe? See > >http://www.freeradius.org/list/users.html > > > > > > > > ------------------------------ > > Message: 7 > Date: Wed, 31 Oct 2007 11:53:23 +1000 (EST) > From: David Hobley <[EMAIL PROTECTED]> > Subject: Re: Configure authentication via LDAP Group membership issue > [sec=unclassified] > To: FreeRadius users mailing list > <[email protected]> > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset="utf-8" > > Frank, > > Thank you - greatly appreciated. This made me realise that my thinking was > foggy when I had defined group memberships. All working now. > > Cheers, > David > ----- Original Message ----- > From: "Frank MR Ranner" <[EMAIL PROTECTED]> > To: "FreeRadius users mailing list" <[email protected]> > Sent: Wednesday, 31 October 2007 10:20:36 AM (GMT+1000) Australia/Brisbane > Subject: RE: Configure authentication via LDAP Group membership issue > [sec=unclassified] > > ... > _______________________________ > > The memberUid attribute in a posixgroup is supposed to hold the uid, not > the uidNumber. That would make your groupmembership_filter = > "(memberUid=%{User-Name})" or more robustly, > groupmembership_filter = > "(&(memberUid=%{Stripped-User-Name:-%{User-Name}})(objectClass=posixGrou > p))" > > Regards, > Frank Ranner > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20071031/258fde31/attachment.html> > > ------------------------------ > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > > End of Freeradius-Users Digest, Vol 30, Issue 117 > ************************************************* > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
