Hello William -
On Tue, 23 May 2000, William Hernandez wrote:
> This is my radius.cfg file:
>
> # livingCompat.cfg
> #
> # This is a simple Radiator config file that allows you
> # to continue using a bog standard Livingston or
> # similar users file with Radiator, It implements the
> # Auth-Type="System" check item by using AuthBy UNIX
> #
> # You will probably want to change the definitions of
> # DbDir, LogDir and the Filename parameters
> #
> # Author: Mike McCauley ([EMAIL PROTECTED])
> # Copyright (C) 1997 Open System Consultants
> # $Id: livingCompat.cfg,v 1.3 1999/07/12 02:01:35 mikem Exp $
> LogFile /var/log/radius.log
> DictionaryFile %D/dictionary.ascend2
> FingerProg /usr/bin/finger
> SnmpgetProg /usr/bin/snmpget
> RewriteUsername tr/[A-Z]/[a-z]/
> LogStdout
> Trace 4
> PidFile /tmp/radiusd.pid
> AuthPort 1812
> AcctPort 1813
> LogDir /var/log/radacct
> DbDir /etc/raddb
> LogFile /var/log/radius.log
> DictionaryFile %D/dictionary.ascend2
>
> # This clause defines a single client to listen to
> # You will probably want to change localhost and mysecret
> # to suit your site.
> <Client localhost>
> Secret mysecret
> </Client>
>
> <Client DEFAULT>
> Secret mysecret
> DupInterval 0
> FramedGroupBaseAddress 10.0.0.1
> FramedGroupBaseAddress 10.0.1.1
> FramedGroupBaseAddress 10.0.2.1
> FramedGroupMaxPortsPerClassC 20
> </Client>
>
> # This clause means we will handle any realm that arrives
> <Realm DEFAULT>
> <AuthBy FILE>
> Filename /etc/raddb/users
> </AuthBy>
> <AuthBy UNIX>
> Identifier System
> Filename /etc/passwd
> </AuthBy>
> # Log accounting to the detail file in LogDir
> AcctLogFileName /var/log/detail.log
> PasswordLogFileName /var/log/radius.log
> ExcludeFromPasswordLog root
> </Realm>
>
> # This clause defines an authorization method that will be used
> # by any users in the database with Auth-Type="System". It will
> # match the "Identifier System"
> <AuthBy UNIX>
> Identifier System
> Filename /etc/passwd
> </AuthBy>
>
> This is a typical entry in my users file:
>
> company.com Password = "System"
> User-Service = Framed-User,
> Framed-Protocol = PPP,
> Framed-Address = 111.111.11.111,
> Framed-Netmask = 255.255.255.255,
> Framed-Compression = Van-Jacobsen-TCP-IP,
> Ascend-Idle-Limit = 0
>
> I'm expecting authorization with the UNIX passwd file, if the
> user is not in the users file.
>
The above is slightly contradictory, and I am not sure what the users file
entry is meant to be doing. Is the Password entry for "company.com" really
meant to be the word "System"? or do you want to refer that authentication to
the System call as defined in the AuthBy UNIX? And what is meant by the entry
"company.com" itself? Are you expecting to deal with usernames of this form
directly?
please let me know
thanks
Hugh
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
===
Archive at http://www.starport.net/~radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
