From owner-freebsd-isp Fri Mar 6 07:07:39 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA05424 for freebsd-isp-outgoing; Fri, 6 Mar 1998 07:07:39 -0800 (PST) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from korin.warman.org.pl (korin.nask.waw.pl [148.81.160.10]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA05379 for ; Fri, 6 Mar 1998 07:07:24 -0800 (PST) (envelope-from abial@nask.pl) Received: from localhost (abial@localhost) by korin.warman.org.pl (8.8.8/8.8.5) with SMTP id QAA04241; Fri, 6 Mar 1998 16:09:01 +0100 (CET) X-Authentication-Warning: korin.warman.org.pl: abial owned process doing -bs Date: Fri, 6 Mar 1998 16:09:00 +0100 (CET) From: Andrzej Bialecki X-Sender: abial@korin.warman.org.pl To: William Bulley cc: freebsd-isp@FreeBSD.ORG Subject: Re: Merit Radius and password changing In-Reply-To: <199803061448.JAA22002@ohm.merit.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 6 Mar 1998, William Bulley wrote: > According to Andrzej Bialecki: > > > > I have several questions concerning Merit Radius v. 3.5.6: > > Then send them to aaa-support@merit.edu as is clearly suggested > on our WWW pages at the following URL: :-) > > http://www.merit.edu/aaa/ Okay, you're right :-) Thanks for the information you give below, though! > > * I also want to allow users to change their passwords (remember, they are > > not Unix passwords, so this is not going to be passwd(1)). How can I do > > this without manually editing 'users' file and restarting server? > > This is the $64,000 question that has plagued the RADIUS protocol and > IETF RADIUS Working Group discussions for years. I would recommend > using Kerberos (which has mechanisms for users to remotely change > their passwords). The Merit AAA Server supports Kerberos BTW. And what about the db(3) interface, which allows to dynamically update the on-disk database, also supporting transactions (which would allow several clients to one database - I mean, radiusd and some other maintenance/admin tool)? I can imagine adding support for this - it would be realtively simple because most of the hooks is already there. > The support for DBM/NDBM/etc. and builddbm in the Merit AAA Server is > weak. We cache all the of configuration files and therefore we see > little benefit from the use of builddbm (and don't deal with it) or any > access to the disk to get user profiles (since it is all in memory). Ok. But it's possible to turn the caching off (which would be beneficial in case of using db(3)). Thanks for reply! Andrzej Bialecki ---------------------+--------------------------------------------------------- abial@warman.org.pl | if(halt_per_mth > 0) { fetch("http://www.freebsd.org") } Research & Academic | "Be open-minded, but don't let your brains to fall out." Network in Poland | All of the above (and more) is just my personal opinion. ---------------------+--------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message