Date: Tue, 23 Feb 1999 19:20:31 -0500 From: Brian Cully <shmit@kublai.com> To: GVB <gvbmail@tns.net>, freebsd-net@FreeBSD.ORG Subject: Re: RADIUS Solutions Message-ID: <19990223192031.C50175@kublai.com> In-Reply-To: <4.1.19990223102105.00adb730@abused.com>; from GVB on Tue, Feb 23, 1999 at 10:23:16AM -0800 References: <4.1.19990223102105.00adb730@abused.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Feb 23, 1999 at 10:23:16AM -0800, GVB wrote: > As I start to completely take over all the NT machines here and replace > them with FreeBSD, I am faced with this challenge. I will be running two > FreeBSD machines for Radius Authentication. Both using Meritt AAA and > /etc/passwd for authentication. What is the best way to synchronize passwd > files between the two systems immediatly (or 5 minute incriments) upon user > adds and password changes, etc. NIS? rsync? etc.. One of the things we did was distribute a full password list every four hours, but to get real-time authentication, we hacked our daemon to query directly against our provisioning system if the user wasn't in the password file or if his password had been invalidated. It works fairly well, and should be much more scalable than pushing out full password files every five minutes or so, and also better than doing all requests over the network. -- Brian Cully <shmit@rcn.com> ``I'm not surprised,'' said I. ``You created God in your own image, and when you found out he was no good you abolished him. It's quite a common form of psychological suicide.'' -- Robertson Davies, Fifth Buisiness To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990223192031.C50175>