Multiple logins Freeradius/Mysql

classic Classic list List threaded Threaded
3 messages Options
| Threaded
Open this post in threaded view
|

Multiple logins Freeradius/Mysql

Mark Elkins-2
We've set up Simultaneous-Use := 1 - and this seems fine.
However, I have my first user - who is really off the net and 'radzap'
seems to do nothing.... (radwho still gives the user as being there).

What is the code... in sql.conf...
simul_count_query = "SELECT COUNT(*) FROM ${acct_table1} WHERE
UserName='%{SQL-User-Name}' AND AcctStopTime = 0"
...for????

In our previous Radius - we used to simply provide a valid AcctStopTime
time - and the user could then login again.

What do I need to do to change freeradius to do Simultaneous-Use control
using mysql and not using radwho??

I've read doc/Simultaneous-Use - which doesn't use/mention [my]sql.

I'm guessing (looking at where radutmp is mentioned)... radiusd.conf
has...

session {
    radutmp
}

Should this be changed to...
session {
    sql
}

???



--
  .  .     ___. .__      Posix Systems - Sth Africa.  e.164 VOIP ready
 /| /|       / /__       [hidden email]  -  Mark J Elkins, Cisco CCIE
/ |/ |ARK \_/ /__ LKINS  Tel: +27 12 807 0590  Cell: +27 82 601 0496

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Multiple logins Freeradius/Mysql

Aaron Paetznick

I'm having a similar problem.  I'm using sql accounting.  I've
uncommented the simul_count_query query line.  I've entered the
Simultaneous-Use attribute in the radgroupcheck table with the ":=" op.
  It's still trying to use checkrad (in the log) no matter what I do.
I've read the doc file.  Help?


--Aaron



Mark Elkins wrote:

> We've set up Simultaneous-Use := 1 - and this seems fine.
> However, I have my first user - who is really off the net and 'radzap'
> seems to do nothing.... (radwho still gives the user as being there).
>
> What is the code... in sql.conf...
> simul_count_query = "SELECT COUNT(*) FROM ${acct_table1} WHERE
> UserName='%{SQL-User-Name}' AND AcctStopTime = 0"
> ...for????
>
> In our previous Radius - we used to simply provide a valid AcctStopTime
> time - and the user could then login again.
>
> What do I need to do to change freeradius to do Simultaneous-Use control
> using mysql and not using radwho??
>
> I've read doc/Simultaneous-Use - which doesn't use/mention [my]sql.
>
> I'm guessing (looking at where radutmp is mentioned)... radiusd.conf
> has...
>
> session {
>     radutmp
> }
>
> Should this be changed to...
> session {
>     sql
> }
>
> ???
>
>
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: Multiple logins Freeradius/Mysql

Mark Elkins-2
In reply to this post by Mark Elkins-2
On Mon, 2005-06-13 at 17:27 +0200, Mark Elkins wrote:

> We've set up Simultaneous-Use := 1 - and this seems fine.
> However, I have my first user - who is really off the net and 'radzap'
> seems to do nothing.... (radwho still gives the user as being there).
>
> What is the code... in sql.conf...
> simul_count_query = "SELECT COUNT(*) FROM ${acct_table1} WHERE
> UserName='%{SQL-User-Name}' AND AcctStopTime = 0"
> ...for????
>
> In our previous Radius - we used to simply provide a valid AcctStopTime
> time - and the user could then login again.
>
> What do I need to do to change freeradius to do Simultaneous-Use control
> using mysql and not using radwho??
>
> I've read doc/Simultaneous-Use - which doesn't use/mention [my]sql.

I think this Document should be updated to tell people who are using an
SQL to change the 'session' bit in radiusd.conf ????

> I'm guessing (looking at where radutmp is mentioned)... radiusd.conf
> has...
>
> session {
>     radutmp
> }
>
> Should this be changed to...
> session {
>     sql
> }


The above seems to work - grepping through old email also seems to
suggest that now checkrad won't work...unless we use radutmp...
or does checkrad run with the sql...
 simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName,
NASIPAddress, NASPortId, FramedIPAddress, CallingStationId,
FramedProtocol FROM ${acct_table1} WHERE UserName='%{SQL-User-Name}' AND
AcctStopTime = 0"
???


Anyway - testing the above seemed to block simultaneous use - like
things worked with radutmp - except now it does seem to be using the SQL
code..

--
  .  .     ___. .__      Posix Systems - Sth Africa.  e.164 VOIP ready
 /| /|       / /__       [hidden email]  -  Mark J Elkins, Cisco CCIE
/ |/ |ARK \_/ /__ LKINS  Tel: +27 12 807 0590  Cell: +27 82 601 0496

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html