[RADIATOR] MySQL Authentication from two possible fields
Adam Gerson
agersonl at cgps.org
Mon Jun 7 09:30:46 CDT 2010
We have successfully authenticated a MAC address passed into Raditor as
the username against a SQL database using <AuthBy SQL>
AuthSelect select REPLACE(mac_address,'.','') from computers where
REPLACE(mac_address,'.','') = '%{User-Name}'
AuthColumnDef 0, User-Name, check
Here is the problem. Our MYSQL database stores wired MAC in one field
and wireless MAC in another field. We want either to result in a valid
match.
Is there a way to tell Raditor to look for the username/mac in a field
called mac_address OR alt_mac_address? Can we run a second AuthSelect
query on the second field and have it return sucess if either one matches?
Based on the documentation I thought something like this would work, but
it did not. I also tried adding AcceptIfMissing to the first AuthBy SQL,
but then it accepted MACs not present in the database.
<Realm DEFAULT>
<AuthBy SQL>
DBSource dbi:mysql:jamfsoftware:127.0.0.1
DBUsername jamfsoftware
DBAuth ****
AuthSelect select REPLACE(mac_address,'.','') from computers where
REPLACE(mac_address,'.','') = '%{User-Name}'
AuthColumnDef 0, User-Name, check
NoDefault
</AuthBy>
<AuthBy SQL>
DBSource dbi:mysql:jamfsoftware:127.0.0.1
DBUsername jamfsoftware
DBAuth ****
AuthSelect select REPLACE(alt_mac_address,'.','') from computers where
REPLACE(alt_mac_address,'.','') = '%{User-Name}'
AuthColumnDef 0, User-Name, check
NoDefault
</AuthBy>
# Log accounting to a detail file
AcctLogFileName %L/detail
</Realm>
Thanks,
Adam
--
Adam Gerson
Assistant Director of Technology
Columbia Grammar and Prep School
phone. 212-749-6200 ex. 321
fax. 212-428-6806
agerson at cgps.org
http://www.cgps.org
More information about the radiator
mailing list