1. Schema and usage
+ The schemas are available in raddb/sql/<DB>/*, where <DB> is the
+ name of the database (mysql, postgresql, etc.)
+
The SQL module employs two sets of check and reply item tables for
processing in the authorization stage. One set of tables (radcheck and
radreply) are specific to a single user. The other set of tables
b. The user IS found in radcheck, but the check items don't match
c. The user IS found in radcheck, the check items DO match AND
Fall-Through is set in the radreply table
+ d. The user IS found in radcheck, the check items DO match AND
+ the read_groups directive is set to 'yes'
4. If groups are to be processed for this user, the first thing that is
done is the list of groups this user is a member of is pulled from the
usergroup table ordered by the priority field. The priority field of
password. So, one might have the following setup:
radcheck table:
- joeuser User-Password == somepassword
+ joeuser Cleartext-Password := somepassword
radreply table:
joeuser Fall-Through = Yes
joeuser WLANgroup 1(this is the priority)
joeuser PPPgroup 2
- A web page with some helpful documentation is:
-
- http://www.frontios.com/freeradius.html
-
- NOTE: this page may be slightly out of date when dealing with the database
- schema
-
2. What NOT to do.
Not allowed as a reply item.
+5. Instances
+
+ Just like any other module, multiple instances of the rlm_sql
+ module can be defined and used wherever you like.
+
+ The default .conf files for the different database types,
+ contain 1 instance without a name like so:
+ sql {
+ ...
+ }
+
+ You can create multiple named instances like so:
+ sql sql_instance1 {
+ ...
+ }
+ sql sql_instance2 {
+ ...
+ }
+
+ And then you can use a specific instance in radiusd.conf, like
+ so:
+ authorize {
+ ...
+ sql_instance1
+ ...
+ }
+ accounting {
+ ...
+ sql_instance1
+ sql_instance2
+ ...
+ }