Planning: Feb 2013

This will be a brainstorming post on the next steps that need to be completed on RADIUSdesk.

• In order to complete Permanent Users; Vouchers and BYOD Manager we need to complete the Profile Manager applet.
• All three of these applets depends on the availability of a profile selection.

Profile Manager

• Permanent Users; Vouchers and Devices will all have entries in the radcheck SQL table.
• Permanent Users (whose auth_type is sql) and Vouchers will have a Cleartext-Password := attribute entry.
• Devices will have a Rd-Auth-Type := Device entry.
• Permanent Users with an auth_type other than SQL will have an Rd-Auth-Type := <whatever auth_type=""> entry.
• ALL three types of 'users' will have a radcheck entry of User-Profile := <Profile user="">

Profile User

• We will use the implementation of FreeRADIUS's User-Profile.
• The profile user is a special type of user which has an entry in the radusergroup table that associates this user with one or more groups including a priority.
• Provided that the Fall-Trough radgroupreply attribute is set to 'Yes' for a specified group; it will cause FreeRADIUS to evaluate the next group in the priority list.
• The radusergroup entry with the lowest value has the highest priority.
• Remember that the operators is very important and determines if a value will be returned or not.

Profile Manager UI

• A profile can be CRUD.
• Each profile will have an owner.
• Each profile will consist of one or more components. A component is simply another name for a group which has radgroupcheck and radgroupreply attributes.