Best config practices?
Alan DeKok
aland at deployingradius.com
Mon Aug 11 11:59:28 CEST 2008
sphaero wrote:
> I was thinking to start adding a few custom files to include in the default
> config.
>
> $raddb/custom_mods.conf : the custom ldap and sql module definitions
> $raddb/custom_auth.conf : custom authentication entries
> $raddb/custom_autz.conf : custom authorization entries
In 2.0.5, the raddb/modules directory can hold modules. The
raddb/sites-enabled/ directory holds custom virtual servers.
> I'm using realms to link the different authorization modules.
I'm not sure what that means..
> If I'm correct
> I need to add every realm to the proxy.conf file and set it to LOCAL. Is
> this really needed?
You need to add realms to proxy.conf. See the default proxy.conf,
"realm LOCAL" for an example of configuring a local realm.
> Finally I need to add the realms to users file
>
> DEFAULT Realm == "test.com", Autz-Type := test.com
That will work. But in 2.0.5, I would suggest *not* using Autz-Type.
The new virtual server functionality is much more powerful.
Still... if this works for you, there's no harm in using it.
Alan DeKok.
More information about the Freeradius-Users
mailing list