Thanks for your rapid response!
That's a fairly complicated setup. *Why* are you going to proxy?Of course I would work up something complicated! Reason being is that, although there should be certain common users at satellite locations, the number of satellite locations, WAN traffic, and the occasional user that needs to roam among satellites all [seem to] add up to needing both proxy and local authentication. Plus there's not always a guarantee the WAN link will be up, and we want the local users to still be able to authenticate (semi-autonomy).
And I appreciate that - the one thing I dislike doing is working with software where configuration files are assumed to be 'self-documenting' just by the parameter names (no comments/etc.). There is a great deal of helpful text, I'll just need to allocate more time to print out the configs and digest them.The complex methods in the example configs are there partly for documentation, and partly so that the server can automatically figure out what to do, without you configuring it too much.
In 1.0.x, build the server, install it, run it as root, and it willThat's good - I'll start from there. Since the only processes that will need to authenticate to this service are on the same machine, we'll probably just configure (and use iptables) to make sure that stays the case.
automatically authenticate users against /etc/passwd. The ONLY
configuration you need to do is to edit "clients.conf". And if your
RADIUS test client is run from the same machine, you don't even have
to edit that.
Thanks for your help!
RB
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
