I'm using Radiator 2.14.1 with LDAP 4.11. I have some users who are allowed two concurrent logins, but the others are allowed only one login at a time. The ones who are allowed to have two logins I have put in a file named doubleusers (so they are in the file as well as in LDAP). After using the following ldap.cfg, all the users can log in as many times as they want. Any help will be highly appreciated.
Also, I have some users who are only allowed to use the email accounts, and want to have zero logins for them (I have not implemented this in the ldap.cfg below). Any hints on that will be gladly taken.
 
 
 
# Foreground
# LogStdout
LogDir  /var/adm
LogFile  %L/radius.log
DbDir  /usr/local/etc
 
Trace  3
#
<Client DEFAULT>
 Secret xxxxx
 DupInterval 2
 DefaultRealm xxxxxx
</Client>
 
# <Handler>
<Realm xxxxxx>
        
 RewriteUsername tr/-.A-Za-z0-9_@//cd
 RewriteUsername s/^([^@]+).*/$1/
 RewriteUsername tr/[A-Z]/[a-z]/
 PasswordLogFileName %L/radpwd.log
 
 <AuthBy GROUP>
  AuthByPolicy ContinueWhileReject
 
  <AuthBy SQL>
  DBSource dbi:mysql:database=xxxx;host=xxxxx
  DBUsername radius
  DBAuth xxxxx
 
  Timeout 30
  # don't identify, accounting only
  AuthSelect
  AccountingTable accounting
  AcctColumnDef USERNAME,User-Name
  AcctColumnDef TIME_STAMP,Timestamp,integer
  AcctColumnDef ACCTSTATUSTYPE,Acct-Status-Type
  AcctColumnDef ACCTDELAYTIME,Acct-Delay-Time,integer
  AcctColumnDef ACCTINPUTOCTETS,Acct-Input-Octets,integer
  AcctColumnDef ACCTOUTPUTOCTETS,Acct-Output-Octets,integer
  AcctColumnDef ACCTSESSIONID,Acct-Session-Id
  AcctColumnDef ACCTSESSIONTIME,Acct-Session-Time,integer
  AcctColumnDef ACCTTERMINATECAUSE,Acct-Terminate-Cause
   AcctColumnDef ACCTCHARGE,Acct-Charge
  AcctColumnDef NASIDENTIFIER,NAS-Identifier
  AcctColumnDef NASPORT,NAS-Port, integer
  AcctColumnDef DNIS,Called-Station-Id
 
  </AuthBy>
 
  <AuthBy FILE>
   Identifier System
  DefaultSimultaneousUse  2
  Filename %D/doublusers
  </AuthBy>
 
  <AuthBy LDAP2>
  DefaultSimultaneousUse 1
  # Tell Radiator how to talk to the LDAP server
  Host  ldap-lh.arabcircle.net.sa
  Port   389
   AuthDN  uid=radius,ou=xxx,o=xxx
   AuthPassword xxxxx
  BaseDN  o=arabcircle.net.sa
 
  UsernameAttr uid
  PasswordAttr    userpassword
#  Simultanueous-Use  number
  </AuthBy>
 

  # These are the classic things to add to each users
  # reply to allow a PPP dialup session. It may be
  # different for your NAS. This will add some
  # reply items to everyone's reply
  DefaultReply Service-Type = Framed-User,\
   Framed-Protocol = PPP,\
   Framed-IP-Netmask = 255.255.255.128,\
   Framed-IP-Address = 255.255.255.255,\
   Framed-Routing = None,\
   Framed-MTU = 600,\
   Framed-Compression = Van-Jacobson-TCP-IP,\
   Session-Timeout = 1200
 </AuthBy>
#
# MaxSessions 2
 # Log accounting to the detail file in LogDir
 AcctLogFileName %L/detail
</Realm>
# </Handler>
 
 
 
Here is what I have in the doubleusers file.
 
DEFAULT Auth-Type = System,
 Service-Type = Framed-User,
 Framed-Protocol = PPP,
 Framed-IP-Address = 255.255.255.255,
 Framed-IP-Netmask = 255.255.255.128,
 Framed-Routing = None,
 Framed-MTU = 600,
 Framed-Compression = Van-Jacobson-TCP-IP
 
 
 
Regards
Tariq
 
 
