Hi Hugh,
Yes, my AuthBy SQL is being called for authentication and then for
accounting. However, I do not use RewriteUsername. I use AuthBy SYSTEM
to check the user's UNIX password and AuthBy FILE to check his group and
suffix.
-------------------------------
<AuthBy SQL>
Identifier GCCSQL
DBSource ...
DBUsername ...
DBAuth ...
AuthSelect select Password, Expiration, SimUse, \
IdleTime, SessionTime, StaticIP \
from USERS where IDENTIFIER = '%n' AND STATUS != 'C' \
AND SESSIONTIME > 0
AuthColumnDef 1, Expiration, check
AuthColumnDef 2, Simultaneous-Use, check
AuthColumnDef 3, Idle-Timeout, reply
AuthColumnDef 4, Session-Timeout, reply
AuthColumnDef 5, Framed-IP-Address, reply
AccountingTable ACCOUNTING
AccountingStopsOnly
AcctColumnDef IDENTIFIER,User-Name
AcctColumnDef TIME_STAMP,Timestamp,formatted-date,'%m-%d-%Y
%H:%M:%S'
AcctColumnDef DURATION,Acct-Session-Time,integer
AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
AcctColumnDef ACCTSESSIONID,Acct-Session-Id
AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
AcctColumnDef NASIDENTIFIER,NAS-IP-Address
AcctColumnDef NASPORT,NAS-Port,integer
AcctColumnDef FRAMEDIPADDRESS,Framed-IP-Address
AcctColumnDef CONNECTSPEED,Connect-Info
AcctColumnDef CONNECTSPEED,USR-Connect-Speed
AcctColumnDef CALLERID,Calling-Station-Id
AcctColumnDef POPID,Called-Station-Id
AcctSQLStatement update USERS set SESSIONTIME = (SESSIONTIME -
0%{Acct-Session-Time}) \
where IDENTIFIER = '%n'
</AuthBy>
<Handler Request-Type = Accounting-Request, Class = GCCSQL>
AuthByPolicy ContinueAlways
AuthBy GCCSQL
</Handler>
<Handler>
AuthByPolicy ContinueWhileAccept
<AuthBy GROUP>
AuthByPolicy ContinueUntilAccept
AuthBy check-statics
AuthBy check-gcc
AuthBy check-default
</AuthBy>
<AuthBy FILE>
Filename %D/users-sql
AddToReplyIfNotExist Framed-Protocol = PPP,\
Service-Type = Framed-User,\
Framed-MTU = 1500,\
Framed-IP-Address = 255.255.255.254
</AuthBy>
</Handler>
-------------------------------
users-gcc file:
-------------------------------
DEFAULT Auth-Type = System, Group = "gcc"
Filter-Id = "pcitest"
DEFAULT Suffix = "+ppp", Auth-Type = System, Group = "gcc"
Class = GCCSQL,
Framed-Protocol = PPP,
Service-Type = Framed-User,
Framed-MTU = 1500
-------------------------------
users-sql file:
-------------------------------
DEFAULT Suffix = "\+ppp", Auth-Type = SQL
DEFAULT Suffix = "\+static", Auth-Type = SQL
DEFAULT Suffix = "\+netcom", Auth-Type = SQL
DEFAULT Suffix = "\+uunet", Auth-Type = SQL
DEFAULT Auth-Type = SQL
-------------------------------
How can I rewrite the username (no suffixes) for the AcctSQLStatement
without affecting the accounting table (username with suffixes)?
Thanks,
Janet
Hugh Irvine wrote:
>
> Hello Janet -
>
> Is your AuthBy SQL clause being called from two different places? One
> for authentication with rewriteUsername and the other for accounting?
> Somehow the processing for the two packets is different.
>
> hth
>
> Hugh
>
> At 17:47 +1000 17/8/00, Janet N del Mundo wrote:
> >Hi,
> >
> >I was wondering how Radiator can capture a username without the suffix
> >when it's writing the AcctSQLStatement in accounting. I want the
> >AcctSQLStatement to update the SQL users table, but it's grabbing
> >username with the suffix ('mikesanlite+ppp' instead of just
> >'mikesanlite').
> >
> >It's writing to the accounting table correctly, with suffixes and
> >realms. However, when it does the AcctSQLStatement, it cannot update
> >the SQL users table because of the suffix.
> >
> >How can this be done? Any clues?
> >
> >Trace 4 log:
> >-------------------------------
> >
> >Thu Aug 17 16:47:37 2000: DEBUG: Query is: select Password, Expiration,
> >SimUse, IdleTime, SessionTime, StaticIP from USERS where IDENTIFIER =
> >'mikesanlite' AND STATUS != 'C' AND SESSIONTIME > 0
> >.
> >.
> >.
> >Thu Aug 17 16:47:38 2000: DEBUG: do query is: update USERS set
> >SESSIONTIME = (SESSIONTIME - 01000) where IDENTIFIER = 'mikesanlite+ppp'
> >-------------------------------
> >
> >Config file:
> >-------------------------------
> ><AuthBy SQL>
> > .
> > .
> > .
> > AuthSelect select Password, Expiration, SimUse, \
> > IdleTime, SessionTime, StaticIP \
> > from USERS where IDENTIFIER = '%n' AND STATUS != 'C' \
> > AND SESSIONTIME > 0
> >
> > AuthColumnDef 1, Expiration, check
> > AuthColumnDef 2, Simultaneous-Use, check
> > AuthColumnDef 3, Idle-Timeout, reply
> > AuthColumnDef 4, Session-Timeout, reply
> > AuthColumnDef 5, Framed-IP-Address, reply
> >
> > AccountingTable ACCOUNTING
> > AccountingStopsOnly
> >
> > .
> > .
> > .
> > AcctSQLStatement update USERS set SESSIONTIME = (SESSIONTIME -
> >0%{Acct-Session-Time}) \
> >where IDENTIFIER = '%n'
> >
> ></AuthBy>
> >-------------------------------
> >
> >
> >Thank you,
> >Janet
> >
> >===
> >Archive at http://www.starport.net/~radiator/
> >Announcements on [EMAIL PROTECTED]
> >To unsubscribe, email '[EMAIL PROTECTED]' with
> >'unsubscribe radiator' in the body of the message.
>
> --
> --
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
> Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
