This will be a brainstorming post on the next steps that need to be completed on RADIUSdesk.
- In order to complete Permanent Users; Vouchers and BYOD Manager we need to complete the Profile Manager applet.
- All three of these applets depends on the availability of a profile selection.
Profile Manager
- Permanent Users; Vouchers and Devices will all have entries in the radcheck SQL table.
- Permanent Users (whose auth_type is sql) and Vouchers will have a Cleartext-Password := attribute entry.
- Devices will have a Rd-Auth-Type := Device entry.
- Permanent Users with an auth_type other than SQL will have an Rd-Auth-Type := <whatever auth_type=""> entry.
- ALL three types of 'users' will have a radcheck entry of User-Profile := <Profile user="">
Profile User
- We will use the implementation of FreeRADIUS's User-Profile.
- The profile user is a special type of user which has an entry in the radusergroup table that associates this user with one or more groups including a priority.
- Provided that the Fall-Trough radgroupreply attribute is set to 'Yes' for a specified group; it will cause FreeRADIUS to evaluate the next group in the priority list.
- The radusergroup entry with the lowest value has the highest priority.
- Remember that the operators is very important and determines if a value will be returned or not.
Profile Manager UI
- A profile can be CRUD.
- Each profile will have an owner.
- Each profile will consist of one or more components. A component is simply another name for a group which has radgroupcheck and radgroupreply attributes.