How to configure Solaris 10 Radius Authentication client.
Michael Hocke
michael.hocke at nyu.edu
Mon Jun 4 21:31:36 CEST 2012
-----BEGIN PGP SIGNED MESSAGE-----
On Jun 4, 2012, at 2:06 PM, Alek Barsky wrote:
> I need to configure bunch of Solaris servers to use RADIUS PAM for Authentication/Authorization.
PAM only does authentication. After all, it stands for Pluggable Authentication Modules.
> I followed instructions in http://freeradius.org/pam_radius_auth/ and was able to configure Authentication portion of this task.
> There is one problem – the only way I can receive login shell on this box – if user already exists.
That's because in addition to PAM you still need some kind of directory to hold all the other user information like user id, group id, home directory, gecos field and preferred shell. /etc/nsswitch.conf determines where that information can be retrieved from (files, NIS, LDAP, DNS, etc.). I am not aware of a solution that lets you use RADIUS as a directory service for Solaris.
- - Michael
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.0.3 (Build 1)
Charset: windows-1252
wsBVAwUBT80NGZbfnpCg64TVAQHd4ggArN/0myf0kzlm1eSp+uMZuUl/s4Zi2Ua3
2nhocQZ6psuKwsDXphEkZqOeR5ZOjms8I3HiljLs8Cg6W7iE6ykFU0TRK8miG301
HQLWqHczFA/X4bDsHa8UH6do9Bvt9Nd6uDYn4ksrKJFCQabhTaVocECmOmXFLpUo
JSWXqpoaLgS9HJOlb613PqJQa5P5B5poQs+5bN4CPVuyAqKHMjIGquZlswwbl63R
hGM5JvlMhxiL7/U7XDqxZNAeo3vz01nVkYE4C6Ml+imYyVWJmBR60MdrehzpsN+s
dsJ2LK93Pv1y9r6CbvzhmNnRKxAOy+srk751FcmFEyg5unMZhgbizA==
=qg2E
-----END PGP SIGNATURE-----
More information about the Freeradius-Users
mailing list