Bulk FreeRADIUS User Add



  • Hi,

    Using CE-2.4.5, I did "dirty" trial and error by modifying directly to authorize file which is symlink to users file in raddb directory.

    It works if I tested login to CP, the problem is it doesn't show in GUI. I need this so I can modify it further like add Description etc.

    Is this ideal approach for this situation?

    Thanks



  • Hi,

    See https://forum.netgate.com/topic/153251/automating-authentication-profiles-for-splash-page/2 for a suggestion.

    Maintaining the database would be done outside of pfSense, of course.



  • Thanks @Gertjan

    I've read your link post twice, and I assume you're suggest me to use SQL right? Correct me if I'm wrong. I'm prefer to use native sqlite shipped with FreeRADIUS package, honestly.

    Also, you said have edited the package source files, would you pointing me to the link/guide, etc?

    Or, maybe can we simulate POST method on URL pkg.php/freeradius.xml?id=&username=&password or similar like this. But not sure if it will work.



  • Hi,

    For those who have situation like me, thanks God, finally I ended up with the cleanest solution thought. I forgot to mentioned that I want this kind-of Bulk-Add cause I need to migrate user from MikroTik to pfSense (~300 users).

    Here's a recap:

    • Hand-writing the /usr/local/etc/raddb/mods-config/files/authorize file. It doesn't show on GUI and whenever you click Save, bump, the authorize file will be back as on GUI.

    • Trying method POST using POSTMAN. It doesn't work csrfmagic will regenerate unique id every time form request was made caused CSRF error.

    Both failed. Then, finally I did:

    • Download xml (choose Package Manager only) file on Diagnostic -> Backup & Restore:
      backup.JPG

    • Open the xml and add my-list-users right below the last user. It's ok just to add like the following format (It doesn't complain about the rest of items). You can simply prepared first using Excel or else for quick iterations.

    <config><varusersusername>user1</varusersusername><varuserspassword>pass1</varuserspassword><varuserspasswordencryption>Cleartext-Password</varuserspasswordencryption></config>
    
    • Upload the saved xml file by restoring back (choose Package Manager only) on the same page Diagnostic -> Backup & Restore:
      restore.JPG

    And last, check your Users list now.

    Hopefully this can help someone out there. Thank pfSense!.



  • @gprakosa said in Bulk FreeRADIUS User Add:

    and I assume you're suggest me to use SQL right?

    Yes : from the doc :
    https://wiki.freeradius.org/guide/SQL-HOWTO
    https://wiki.freeradius.org/guide/SQL-HOWTO-for-freeradius-3.x-on-Debian-Ubuntu

    Tow changes in the /usr/local/pkg/freeradius.inc are needed :

    Line 1521

    session {
    	radutmp
    #	sql
    }
    

    Put the # in front of radutmp, remove it from before sql.

    Line 1632

    session {
    	radutmp
    #	sql
    }
    

    Same.

    Now you can load user info into the SQL database - see doc.

    @gprakosa said in Bulk FreeRADIUS User Add:

    native sqlite

    SQlite is a PHP extension. It gives PHP some very basic database facilities.
    I really advise to to stay away from it.
    FreeRadius doesn't interface with PHP anyway.

    Btw : all - that means all ! - configuration files are stored in the config.xml.
    That is, all configuration files are created from this file.


Log in to reply