specifying back end to proxy on per-user basis
Alan DeKok
aland at deployingradius.com
Sat Aug 23 00:00:06 CEST 2008
Greg Woods wrote:
> and that works right off the bat. There were other reasons why it might
> have been nice to set the realm based on the user name; we're a research
> institution, meaning that the groups here have a relatively high degree
> of autonomy with little central control. It might have been nice to
> allow the various groups to run their own backend servers, and choosing
> a back end based on the username would be a handy thing to be able to
> do.
That's realms. A lot of people do that.
> But just for the purpose at hand (being able to authenticate a few
> users with pam instead of otp), it works to just use the users file on
> the back end server to accomplish that. If I do try to do something
> organization-wide, it will probably be better to have some kind of
> database (LDAP or SQL) involved.
Yes. Much better.
Alan DeKok.
More information about the Freeradius-Users
mailing list