Date: Sat, 14 Mar 1998 22:55:21 +0200 From: Ian Freislich <iang@digs.iafrica.com> To: ken@mui.net Cc: hackers@FreeBSD.ORG Subject: Re: radius? Message-ID: <E0yDxxh-0007fS-00@brane.digs.iafrica.com> In-Reply-To: Your message of "Mon, 09 Mar 1998 13:02:16 GMT." <199803092306.NAA16334@rocksalt.mui.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Ken wrote: > There are going to be 2 locations. Site A and site B have 2 different > user databases. How does one set things up so that if they aren't > in site A, then it passes it to site B? or is there a better way to > handle this? > > Does it have something to do with Radius? You can use the elm authentication provided by the Merit Radius server. >From 'authfile': # This file contains a list of "realm" names which represent # authentication systems which may be used to authenticate a user. # Normally the user specifies the system where authentication is to # be performed by appending a realm name to his/her user id. For # example, "joe@xyz" indicates that user joe wants to be authenticated # by realm xyz. It is the purpose of this file to map the realm name # "xyz" to the actual DNS name of the authentication system and the # authentication protocol to be used. You just get your users to login as 'user@siteA' or 'user@siteB' and configure your radius server using the authfile to pass queries for the other site on to the second radius server. I'm going to be playing with this feature soon so the we can provide a 'virtual ISP' service. Of course, if the password files are reasonably static, it might be easier just to sync them although I think that there will be more maintenance involved (and things to go wrong) if you go that route. I've also made a couple of changes to this server that you may be interested in. -- igf (Ian Freislich) http://copernicus.cpt.tech.iafrica.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0yDxxh-0007fS-00>