Recommendations for manging user password

Alan DeKok aland at
Fri May 2 11:31:00 CEST 2008

thekat wrote:
> FirePass uses PAP for authentication.. however I have authenticated using
> both local and PAP.
> <code>
> "charlie"         Auth-Type := Local, User-Password == "hello"

  Don't set Auth-Type.  Use Cleartext-Password, not User-Password.  See
the FAQ.

> I will have about 75 users and need to set up password aging..
> Using system (non-shell) accounts with IDs in  /etc/password could be an
> option
> I did read the "Expired" thread and I can write a script to update that
> field if necessary..
> My Goal
> --- let the user know their password has expired

  That is an issue for the web page.  You need to tell them *before* the
password has expired.

> --- let them change it themselves..

  You'll need a separate script for this.

> --- age the password for 90 days
> --- I really don't want a MySQL database ( I don't know MySQL but could
> learn if I have to)

  You can use system accounts for this.

  Alan DeKok.

More information about the Freeradius-Users mailing list