Thank you all for responding to my first post in getting FreeRadius set up and working on a Solaris 10 box. I am working on creating the (non-priviledged) user environment that will run the server. I have successfully set up a working Radius server to work with a FirePass VPN appliance.. FirePass uses PAP for authentication.. however I have authenticated using both local and PAP. <code> "charlie" Auth-Type := Local, User-Password == "hello" Reply-Message = "Hello, %u" "charles" Auth-Type := PAP, User-Password == "hello" Reply-Message = "Hello, %u" </code> This works like this: -- FirePass appliaance has a SSL login page. -- User enters creditials -> validates against FreeRadius -- User is shown a "static" page on the FirePass Server with a Static Link. I will have about 75 users and need to set up password aging.. Using system (non-shell) accounts with IDs in /etc/password could be an option I did read the "Expired" thread and I can write a script to update that field if necessary.. My Goal --- let the user know their password has expired --- let them change it themselves.. --- age the password for 90 days --- I really don't want a MySQL database ( I don't know MySQL but could learn if I have to) I am hoping someone can point me in the right direction.. Charles