At 04:33 AM 12/4/2009, Alan DeKok wrote:
[email protected] wrote:
> Note that the configuring of SAMBA, kerberos, and adding to the domain
> should already be done as part of the default Linux install, see
> h:\is\operating system\Linux\Guide_linux.doc
This file is... ?
Heh, part of our internal documentation structure. As long as I'm
copy/pasting this from that, it's likely to stay in there.
> Update max_requests to # users * 256
That isn't necessary. It should be no more than "max request/s *
max_request_time".
Well the docs say:
# max_requests: The maximum number of requests which the server keeps
# track of. This should be 256 multiplied by the number of clients.
# e.g. With 4 clients, this number should be 1024.
so I was just doing what this said.
> Add to the end of the acct listen {..} (to permit groups of clients)
> clients = disambiguate
I don't understand why this is necessary. All it does is put the
clients into a sub-section. There's no additional value or capabilities
in doing this.
I probably picked this up from one of the random docs while trying to
puzzle things out that weren't clear. Since it helps show how to use
a subsection, it's useful to me.
> Since we're not using any of these methods for the Ciscos, in
> authenticate{..} disable: chap, mschap, suffix, ntdomain, unix, pap
>
> Add to the end of the authorize{..} section:
> ntlm_auth
Or to the end of the "authenticate" section?
d'oh! good catch (it's right in the appendix at least)
Thanks!
Rick
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
