Re: [Help-gnu-radius] different SQL Statements depending on NAS ?

[Maurice Makaay]

Hi,

> - I am currently using version 0.96.4, should I upgrade to 1.2 ?

Defenitely! Things have changed a lot since 0.96.4.

> - Is it possible to use different SQL auth and accouting statements
> depending on the NAS a request is coming from or depending on the sufix a
> username has?

It's currently not possible to define multiple SQL statements in gnu-radius. 
I needed an option like that on our servers as well, but I had to use a
workaround to get there. 

Our users are stored in multiple tables. To make it possible to use only
one radius server, I have created a custom dictionary attribute 
SQL-Users-Table, which I fill during my hints (rewriting) stage of the
authentication request. This way I can have multiple tables for multiple
groups of users. I use the rewriting functionality for most of this
functionality. Using rewrite functions, I split our users to their username
and their realm suffix and determine (based on the CSID/infrastructure via
which they are accessing our network) which table I should use for
authenticating the user. For us, this turned out to be a perfect solution.

I guess you could even extend this workaround to create the complete
query you need in rewrite functions and store that query in a custom 
attribute like SQL-Auth. This way you can build a dynamic query per
user/NAS. Theoretically, this is perfectly possible I think. However, there
might be a more logical solution for solving your actual problem.

Good luck!

-- Maurice Makaay