-----BEGIN PGP SIGNED MESSAGE-----
On Jun 4, 2012, at 2:06 PM, Alek Barsky wrote: > I need to configure bunch of Solaris servers to use RADIUS PAM for > Authentication/Authorization. PAM only does authentication. After all, it stands for Pluggable Authentication Modules. > I followed instructions in http://freeradius.org/pam_radius_auth/ and was > able to configure Authentication portion of this task. > There is one problem – the only way I can receive login shell on this box – > if user already exists. That's because in addition to PAM you still need some kind of directory to hold all the other user information like user id, group id, home directory, gecos field and preferred shell. /etc/nsswitch.conf determines where that information can be retrieved from (files, NIS, LDAP, DNS, etc.). I am not aware of a solution that lets you use RADIUS as a directory service for Solaris. - - Michael -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.0.3 (Build 1) Charset: windows-1252 wsBVAwUBT80NGZbfnpCg64TVAQHd4ggArN/0myf0kzlm1eSp+uMZuUl/s4Zi2Ua3 2nhocQZ6psuKwsDXphEkZqOeR5ZOjms8I3HiljLs8Cg6W7iE6ykFU0TRK8miG301 HQLWqHczFA/X4bDsHa8UH6do9Bvt9Nd6uDYn4ksrKJFCQabhTaVocECmOmXFLpUo JSWXqpoaLgS9HJOlb613PqJQa5P5B5poQs+5bN4CPVuyAqKHMjIGquZlswwbl63R hGM5JvlMhxiL7/U7XDqxZNAeo3vz01nVkYE4C6Ml+imYyVWJmBR60MdrehzpsN+s dsJ2LK93Pv1y9r6CbvzhmNnRKxAOy+srk751FcmFEyg5unMZhgbizA== =qg2E -----END PGP SIGNATURE----- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
