12 Jan
2018
12 Jan
'18
7:16 a.m.
Hi, I have included nsswitch.conf , nscd daemon to resolve userid mappings. I see there were some attempts to write NSS modules, libnss-radius with these functions, Please suggest, if RADIUS server can support returning this information without even authentication. *enum nss_status _nss_radius_getpwnam_r(const char *name, struct passwd *result, char *buffer, size_t buflen);* any pointers will help. Regards, Soma On Tue, Jan 2, 2018 at 4:31 PM, Sudarshan Soma <sudarshan12s@gmail.com> wrote: > Hi, I quickly checked the ssd configuration . It looks to support LDAP but > doesnt seem to integrate with RADIUS servers. Please suggest, if there are > any references for SSSD integration with RADIUS/TACCAS+ servers . > > Regards, > Soma > > On Thu, Dec 28, 2017 at 8:34 PM, Sudarshan Soma <sudarshan12s@gmail.com> > wrote: > >> Thanks so much for suggestions. Will check on sssd . >> >> Regards, >> Soma >> >> On Thu, Dec 28, 2017 at 3:20 PM, Alister Winfield <alister@ticklers.org> >> wrote: >> >>> It depends on what you are trying to achieve⦠(This is nothing to do >>> with RADIUS but to give you a chance to learn the next thing is to learn >>> about libnss). >>> >>> Look at libnss for how id mappings happen this includes attributes >>> traditionally found in the shadow and password files. Then look at sssd its >>> likely to be easier to get it to work correctly libnss code stinks >>> (Problems with shared libraries used by nss plugins have caused me much >>> wasted time). >>> >>> >>> -- >>> Alister >>> >>> > On 19 Dec 2017, at 18:04, Sudarshan Soma <sudarshan12s@gmail.com> >>> wrote: >>> > >>> > Thanks Alan understood. It will be helpfule, if you can point or help >>> on >>> > how do we go about giving custom login shell for RADIUS users only . >>> > >>> > Say for local (etc/passwd ) users, /bin/bash is the login shell. >>> > /bin/myshell is for RADIUS users. I tried to add PAM module which >>> adds a >>> > user (/etc/passwd) when RADIUS login is attempted and pointed its >>> shell to >>> > /bin/myshell , Is this correct way of doing it . I have to delete this >>> user >>> > from /etc/passwd at the end of closing session. >>> > >>> > >>> > Regards, >>> > Ivan. >>> > >>> > On Mon, Dec 11, 2017 at 7:18 PM, Alan DeKok <aland@deployingradius.com >>> > >>> > wrote: >>> > >>> >> On Dec 10, 2017, at 11:30 PM, Sudarshan Soma <sudarshan12s@gmail.com> >>> >> wrote: >>> >>> >>> >>> I would like to know the following with respect to PAM radius module. >>> >>> >>> >>> -> I would like to give my own login shell instead of /bin/bash . >>> >> >>> >> This has nothing to do with PAM or RADIUS. See /etc/passwd. >>> >> >>> >> Alan DeKok. >>> >> >>> >> - >>> >> List info/subscribe/unsubscribe? See http://www.freeradius.org/ >>> >> list/devel.html >>> > - >>> > List info/subscribe/unsubscribe? See http://www.freeradius.org/list >>> /devel.html >>> >>> >>> - >>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list >>> /devel.html >>> >> >> >