Re: Recommendations for manging user password

[thekat <thekewlcat@gmail.com>]

Alan..
Thx for the reply.. after some chatting with the developers.. 

We already have an Oracle instance in place for the
User /Passwd..
If we can use Oracle to talk "PAP" to FirePass this puts all 
the user management back on the already set up Oracle instance..

I will post back.. 

Much Thanks

Charles

On Fri, May 2, 2008 at 4:31 AM, Alan DeKok <aland@deployingradius.com> wrote:

thekat wrote:
> FirePass uses PAP for authentication.. however I have authenticated using
> both local and PAP.
>
> <code>
> "charlie"         Auth-Type := Local, User-Password == "hello"

 Don't set Auth-Type.  Use Cleartext-Password, not User-Password.  See
the FAQ.

> I will have about 75 users and need to set up password aging..
> Using system (non-shell) accounts with IDs in  /etc/password could be an
> option
> I did read the "Expired" thread and I can write a script to update that
> field if necessary..
>
> My Goal
> --- let the user know their password has expired

 That is an issue for the web page.  You need to tell them *before* the

password has expired.

> --- let them change it themselves..

 You'll need a separate script for this.

> --- age the password for 90 days
> --- I really don't want a MySQL database ( I don't know MySQL but could
> learn if I have to)

 You can use system accounts for this.

 Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html