Hello Colin -
On Mon, 17 Apr 2000, colinc wrote:
> Hugh Irvine wrote:
>
> > Hello Colin -
> >
> > On Thu, 13 Apr 2000, colinc wrote:
> > > Hi
> > >
> > > I have been browsing through the archives and the manual regarding
> > > information on setting up groups, it seems to be more confusing to me
> > > than it should.
> > >
> > > However, it seems to me that i would need to setup the groups
> > > authentication in the users file. At the current moment i don't believe
> > > we are using the user file for authentication, this is done from our
> > > passwd file using <AuthBy Unix>. Where exactly do we specify which group
> > > a user belongs to, would this be the groups file?
> > >
> >
> > You will need to do several things -
> >
> > 1. create your groups
> >
> > 2. set up cascaded AuthBy's to check both passwords and groups
> >
> > 3. configure whatever specific check and reply attributes you need
> > corresponding to the group membership
> >
> > Something like this:
> >
> > # configuration to check passwords and groups
> >
> > <AuthBy UNIX>
> > Identifier CheckUNIX
> > Filename ....
> > GroupFilename ....
> > </AuthBy>
> >
> > <Realm .....>
> > <AuthBy FILE>
> > Filename %D/default-users
> > </AuthBy>
> > </Realm>
> >
> > Then in the users file:
> >
> > # file %D/default-users
> > # specify additional check items and appropriate reply items as required
> >
> > DEFAULT Auth-Type = CheckUNIX, Group = plan1
> > ......
> >
> > DEFAULT Auth-Type = CheckUNIX, Group = plan2
> > .....
> >
> > DEFAULT Auth-Type = CheckUNIX, Group = plan3
> > .....
> >
> >
> > Have a look at section 6.21 in the Radiator 2.15 reference manual.
> >
> > > We want to create groups of users that correspond to our internet plans,
> > >
> > > eg 30 hr/month, unlimited hrs.
> > >
> >
> > You might also want to consider an SQL database for doing more
> > sophisticated accounting, etc., or you might even look at one of the commercial
> > ISP billing systems that do these sorts of things "out-of-the-box".
> >
> > hth
> >
> > Hugh
> >
>
> Yes, we are planning to use freeside billing in conjunction with Radiator. Where
> would i define the group information if i were to authenticate from the SQL
> database, I've defined the group in a local file and also set a user in SQL with
> group as a check item, however i get the following error.
>
> Mon Apr 17 12:01:01 2000: DEBUG: Radius::AuthSQL looks for match with colin
> Mon Apr 17 12:01:01 2000: WARNING: This AuthBy does not know how to check Group
> membership
> Mon Apr 17 12:01:01 2000: DEBUG: Radius::AuthSQL REJECT: User colin is not in Group
> unlimited
> Mon Apr 17 12:01:01 2000: DEBUG: Query is: select PASSWORD from SUBSCRIBERS where
> USERNAME='DEFAULT
You have two choices to do the above:
1. do exactly the same thing as my previous example, but replace AuthBy UNIX
(and CheckUNIX) with AuthBy SQL (and CheckSQL) corresponding to your Freeside
database.
2. add the group to each user record in the database and use an additional
AuthColumnDef in the AuthBy SQL clause to check the value
hth
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
