Dear Alan, Thx for yr quick reply...
We are still using an old attributes with reasons... we need to deactive and activate user account without touch his/her password. We did it within just play around at Auth-Type value = Local/Reject Thx for your advice for my case regarding the above subject, I will try it at my office this morning; of course with still using an old attributes. Regards Paul On 1/14/2008, "Alan DeKok" <[EMAIL PROTECTED]> wrote: >PD wrote: >> For the above purpose, we put attribute Called-Station-Id for each demo >> account within radcheck table. >> >> The problem found, the account demo1 still be able to use at nas2 vice >> versa. > > Please read doc/rlm_sql. > >> Here is our radcheck table: >> mysql> select * from radcheck where username='demo'; >> +----+-----------+-------------------+----+-------------------+ >> | id | UserName | Attribute | op | Value | >> +----+-----------+-------------------+----+-------------------+ >> | 40 | demo | Auth-Type | := | Local | > > Don't use Auth-Type. i.e. DELETE that row. > >> | 41 | demo | Password | == | password | > > Change these fields to "Cleartext-Password := password" > >> | 42 | demo | Called-Station-Id | := | 00-1A-70-XX-XX-XX | > > Read doc/rlm_sql. This operator *sets* the value. It doesn't >*compare* the value. You want "==" > >> Perhaps, we miss something at somewhere... > > The operators are documented in doc/rlm_sql. > > Alan DeKok. >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
