Re: radiusd-freeradius history and future
On Wed, Nov 12, 2003 at 04:11:38AM +0100, Javier Fernández-Sanguino Peña wrote:
> On Wed, Nov 12, 2003 at 01:23:02PM +1100, Russell Coker wrote:
> > Allowing a RADIUS server to authenticate local users against /etc/shadow
> > is standard and expected functionality IMHO. I consider any RADIUS
> > server which can't authenticate against the local accounts database to
> > be severely broken.
> Well. IMHO that used to be a standard way of doing this when directories
> where not available. Now it is quite common to validate against an LDAP,
> MySQL or whatever server. YMMV. But you are right in that all these
> implementations assume that checking against the local user database is the
> default action.
Even before these directories were common, it was usually preferred to have
a separate database for RADIUS authentication (at least, I preferred it).