Andreas Haumer <[EMAIL PROTECTED]> wrote: > But clear-text passwords are in many situations a no-no
Too bad. Debugging a system is very different than running a live system. For debugging purposes, the FIRST THING anyone should do is to configure a test user && a clear-text password for that user. Doing anything else is not only wasting your time as admin, it's wasting everyone elses time when you eventually get stuck, and ask questions on the list. Debugging means "stick your fingers in your ears, close your eyes, and repeat 100 times 'I MUST USE CLEAR-TEXT PASSWORDS' ". Once the system works for the test user, THEN try real users. If it's not done in that order, you will NEVER be able to track down what's going wrong, and why. > You can put it another way: a huge configuration file with lots > of lines, some of them commented out, can be quite confusing for > the reader. But YMMV of course... Too bad. If someone is not willing to read the comments in "radiusd.conf" which explain how to configure the server, then they end up being rude by asking obvious questions on the list. The documentation exists, people should read it. If they're not going to read it, they're going to be told to RTFM on the list. And most text editors have a "find" function. If you're trying to configure ldap, load "radiusd.conf", and keep looking for "ldap". That will let you skip 99% of the stuff in "radiusd.conf" which has nothing to do with what you're trying to configure. It's that easy. > For me it's easier to understand a small, single purpose > configuration file (which has only the settings necessary for > that purpose) than a big one where you have to find the relevant > information between lots of irrelevant comments. ... irrelevant for you, but relevant for everyone else. We simply can't configure the server to "do the right thing" for everyone's network. It's impossible. Instead, we make the server "do the right thing" for the most general cases, and include documentation telling people how to edit it for their network. Having a "small, single purpose" configuration file is a guaranteed way to have 100x the questions on this list. Trust me, having been on this list for 5 years, less documentation means more questions. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
