pam_radius_auth token user

Josh Restivo jrestivo at
Wed Apr 12 07:05:52 CEST 2006

This question appears in various forums time and time again though I've yet to 
discover a solution for it under linux. It *must* be a common issue....

The need exists to map users who are successfully authenticated via 
pam_radius_auth and who do not have a local account to a default 'token 
user'. FreeBSD's radius/pam module has a simple and obvious 'template_user' 
directive that suits this precise purpose well. Linux pam_radius_auth lacks 
this feature. 

Deploying centralized authentication only to require that all other user info  
be manually configured on each and every device anyway doesn't make any 
sense. Nor should it involve a full-blown and often unwieldy NIS (or similar) 
infrastructure to function. Surely I'm overlooking something.

More information about the Freeradius-Users mailing list