Re: Info on tables.

Dale E. Reed Jr. ( (no email) )
Fri, 27 Mar 1998 11:08:48 -0800

Support Technique wrote:
> We are currently using Radius NT in ODBC and text mode.
> Everything is going fine. What i would like to know is what the
> configs table is used for? There no documentation for this table.

That table is only used by Emerald (hence the reason it is not
mentioned in the RadiusNT documentation). RadiusNT itself does
not currently use the table for anything.

> Also what is the difference between the RadAtConfig table and the
> RadConfig table. From what i see is that the first one is used to defined
> the attributes for an account type and the second one is the attributes for
> a particular subaccounts. Is that correct?


> Is the attributs for a subaccount with a certain type the sum of the two
> tables above?


The use of the two tables is outlines in the Authentication Process section
of the RadiusNT Manual at the following URL. Specifically note steps 9
and 10.


Authentication Process

When RadiusNT receives an incoming authentication request, the following
steps are performed to authenticate the user:

1.Check to see if a record exists in the SubAccounts Table with either
a login or shell field matching the username attribute in the
request, and neither of the active flags are 0.
2.If no match is found, send a reject.
3.If the request password does not match the database password,
send a reject.
4.If the saExpireDate Field is not NULL and the SubAccount (plus
extension) is expired, then send a reject. (only applicable to
SQL Server support, as this is not supported by MS Access)
5.If the saExpireDate is NULL and the maExpireDate (plus extension and
overdue) is expired, then send a reject.
6.If Time banking is enabled and the SubAccounts's TimeLeft field is
less than 1, send a reject.
7.If concurrency checking is enabled, and the user is listed in the
callsonline view (with more entries than they are allowed),
send a reject.
8.If Server Access checking is enabled, and the user's Account Type
does not have an entry in the ServerAccess table for the port
they are logging into, send a reject.
9.If there are matching records in the RadConfigs table for the user's
AccountID, send an ACK with them for the reply attributes.
10.If there are matching records in the RadATConfigs table for the user's
Account Type, send an ACK with them for the reply attributes.
11.Send a reject.

-- Dale E. Reed Jr.  (       IEA Software, Inc.      |  RadiusNT, Emerald, and NT FAQs Internet Solutions for Today  |