Alan.. Thx for the reply.. after some chatting with the developers.. We already have an Oracle instance in place for the User /Passwd.. If we can use Oracle to talk "PAP" to FirePass this puts all the user management back on the already set up Oracle instance.. I will post back.. Much Thanks Charles On Fri, May 2, 2008 at 4:31 AM, Alan DeKok <aland@deployingradius.com> wrote:
thekat wrote:
FirePass uses PAP for authentication.. however I have authenticated using both local and PAP.
<code> "charlie" Auth-Type := Local, User-Password == "hello"
Don't set Auth-Type. Use Cleartext-Password, not User-Password. See the FAQ.
I will have about 75 users and need to set up password aging.. Using system (non-shell) accounts with IDs in /etc/password could be an option I did read the "Expired" thread and I can write a script to update that field if necessary..
My Goal --- let the user know their password has expired
That is an issue for the web page. You need to tell them *before* the password has expired.
--- let them change it themselves..
You'll need a separate script for this.
--- age the password for 90 days --- I really don't want a MySQL database ( I don't know MySQL but could learn if I have to)
You can use system accounts for this.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html