>At present I am using AD groups to assign roles to my users >and rejecting users who are not members of the defined groups. > This is being done via the users file which looks like this: > > >#If you are not in either group, no access is allowed >#FreeRADIUS 2.1 > > >#These are the groups we are checking for Lunar Building staff >DEFAULT Ldap-Group == "lunar-staff" > Aruba-User-Role = "employee" > >DEFAULT Ldap-Group == "lunar-member" > Aruba-User-Role = "member" > >DEFAULT Ldap-group != "lunar-staff", Auth-Type := Reject >DEFAULT Ldap-group != "lunar-member", Auth-Type := Reject > >#End > >I now want to also include guest users whose credentials are in >a MySQL database, what statement do I need to include in my users file >to also allow the guest users to authenticate, since my current config >allows only the Ldap Groups. I did have SQL working before I added the >reject statements. >
Add all SQL users to group guests. Then add before reject statements: DEFAULT SQL-Group == "guests" and perhaps Aruba-User-Role = "guest". Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
