I APPRECIATE the help. If I'm understanding it correctly.
The user file in /etc/raddb is read first then it moves to MySql to get it's information for the user if nothing matches in the user file.
As far as I can see I don't need to process the user file if I get everything set up correctly in the MySql database.
If I use MySql to handle the process do I need to create a user table in the radius database to process authentication?
If that would work could you or someone that has it set up send what would be required in it or a link to a how-to.
Otherwise if it would be better to just make the changes in the user file I could do that instead.
Sorry If I'm rambling. Just thinking out loud.
Other than that I am LOVING freeradius and dialup admin. Just a few more small adjustments and I'll have it.
I give you much applause. Keep up the good work. You've freed me of Microsoft forever by having this product of much labor available.
You have my total admiration.( a little a$$ kissing here, or smoke in the orifice) ;-)
I can only hope and pray that I become as wise as many of you are using Linux.
Again THANKS for the help. If I get this to work I'll be sure to report back so the rest may benefit from it's results.
Joel
----- Original Message ----- From: "Alan DeKok" <[EMAIL PROTECTED]>
To: <freeradius-users@lists.freeradius.org>
Sent: Thursday, February 17, 2005 7:12 PM
Subject: Re: CHAP / PAP ?
Michael Mitchell <[EMAIL PROTECTED]> wrote:DEFAULT Auth-Type = PAP Fall-Through = 1
That should still let CHAP work when specified, but will default to PAP if no other method of authentication has already been specified.
This is untested of course, so please report back to me if it worked or not...
Alan or others may want to comment on this...
It's probably a good idea.
I'm in the process of hacking the rlm_unix module in CVS so that it doesn't read /etc/passwd any more. Now that we have rlm_passwd, that module can read /etc/passwd.
We can then have an "authorize" section to rlm_unix, and list it in "authorize", just like pap, chap, and mschap. It will add a Crypt-Password to the request, if the user is in /etc/passwd.
Then, the "users" file can be updated to do "Auth-Type = PAP" by default. The PAP module will take care of figuring out how to authenticate the user via the Crypt-Password.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
