Greg Woods wrote: > and that works right off the bat. There were other reasons why it might > have been nice to set the realm based on the user name; we're a research > institution, meaning that the groups here have a relatively high degree > of autonomy with little central control. It might have been nice to > allow the various groups to run their own backend servers, and choosing > a back end based on the username would be a handy thing to be able to > do.
That's realms. A lot of people do that. > But just for the purpose at hand (being able to authenticate a few > users with pam instead of otp), it works to just use the users file on > the back end server to accomplish that. If I do try to do something > organization-wide, it will probably be better to have some kind of > database (LDAP or SQL) involved. Yes. Much better. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
