Using:
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
as a base, i've setup freeradius to authenticate against my domain
(samba, not AD, but little difference).
In this way users can access my wireless network, using their domain
account with password expiration and so on. Perfect.
But could be that i will need some 'guest access': for, ahem, guests,
or for speakers at a conference, ...
Creating and deleting domain accounts only for that it is not my
preferred choice.
The same HOWTO above say:
Configuration of users
The configuration of this file is not necesary to get work the
freeradius against the Active Directory, it is only necessary for
advanced usage of FreeRADIUS.
One of this advanced features, (among others) is the case when we want
to have some local users that does not rely on the Active Directory
that is working, but in the local file of users under
${sysconfdir}/raddb directory, an with the same authentication schema
of PEAP.
Open your users file with your favorite editor and put a line like
this:
username1 Cleartext-Password := "user-password1",
MS-CHAP-Use-NTLM-Auth := 0
Perfectly, also this works. But i'm lazy as many system administrators,
and i know that probably i will forgot to have account like this.
Googling around i've found the Expiration radius tag that seems suit my
needs, but i've found no example around, nor an expalnation if can be
used and how on 'users' file.
Speaking clearly: can i define in 'users' file some users with an
explicit 'expiration date'?
Someone can explain me how?
Thanks.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.sv.lnf.it/
Polo FVG - Via della Bontà , 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)sv.lnf.it tel +39-0434-842711 fax +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/chi_siamo/5xmille.php
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
