mmmmm .. Kevin, I think he was trying to see if there was away around NOT having to set up a users dbm file. Since i have attended all the Ascend users course on Radius I will attempt to answer this in simplicty. (Plezzzzz no flames, i am trying to simplfy this an any addendums will be appreciated.) The users file for radius acts much like a hard-coded connection profile that one set's in the max itself. In practice, it is an -off the Access router- profile, since there is a limited number of connections available. The user name is parsed, and if the -Password='somepassword' the user is authenticated on the spot, and sent on his merrry way (inside the access box). If Password="UNIX", a query to the passwd file is made and if there is shadowing going on, then the shadow password is read and compared via Radius to the passed password. Then the user is granted access and can continue. Setting the Password in the users dbf results in password that are in clear text and can be read by anyone who can/may see the users dbf file (Provided of course one has the perms to do so), this is not a good idea of course. The direct answer to your question is that is correct in theory. One can 'hack' the radius code and force a read of the passwd file to look for users instead of using the 'users'. Although there are some additional parameters in the users dbf file that are used. The simplest method to automate this is to have a cron script that runs at predetermined times, parsing for your passwd file. Set the users you want to have access into some group(s) and extract them. Use 2 files, one that contains the important stuff that goes in front, and another that contains the required stuff at the bottom. Cat the the 3 files in order of 'header', 'users', and 'tail' and then execute a builddbm and VILOA, you have an automatic way of getting users added. Hope this helps ..... Ben Duncan Tel: 601-371-1445 Vice President fax: 601-371-1639 Intop 7402 Siwell Road Ste. 120 www.intop.net Jackson, Ms 39212 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> "It all really depends upon your view of reference. If an apple dropped from the Empire State Building is subjected to the effects of the turning earth, the turning solar system, the turning gallaxy, the turning universe, the contracting and expanding of the universe, would not that apple arrive at precisely where it left off ? " <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< On Thu, 22 May 1997, Kevin Smith wrote: > At 05:58 PM 5/21/97 -0400, Craig Salmond wrote: > >Is it possible to have radius read the /etc/passwd (or /etc/shadow) file > >instead of the /etc/raddb/users file? Or alternatley a way to create the > >users file from the /etc/passwd file. > > Well if you just put the DEFAULT entry in the users file, it will go to > the UNIX password file via the "login" daemon (that's right isn't it?). > > > > Kevin Smith Updated Service and Support > Ascend Communications Resources are now at: > <A HREF="http://www.ascend.com/service">http://www.ascend.com/service</A> > ++ Ascend Users Mailing List ++ > To unsubscribe: send unsubscribe to ascend-users-request@bungi.com > To get FAQ'd: <<A HREF="http://www.shore.net/~dreaming/ascend-faq">http://www.shore.net/~dreaming/ascend-faq</A>> > or <<A HREF="ftp://ftp.shore.net/members/dreaming/ascend-faq.txt">ftp://ftp.shore.net/members/dreaming/ascend-faq.txt</A>> > ++ Ascend Users Mailing List ++ To unsubscribe: send unsubscribe to ascend-users-request@bungi.com To get FAQ'd: <<A HREF="http://www.shore.net/~dreaming/ascend-faq">http://www.shore.net/~dreaming/ascend-faq</A>> or <<A HREF="ftp://ftp.shore.net/members/dreaming/ascend-faq.txt">ftp://ftp.shore.net/members/dreaming/ascend-faq.txt</A>> </PRE> <!--X-MsgBody-End--> <!--X-Follow-Ups--> <!--X-Follow-Ups-End--> <!--X-References--> <HR> <STRONG>References</STRONG>: <UL> <LI><STRONG><A HREF="msg05006.html">Re: (ASCEND) Newbie Radius Question.</A></STRONG></LI> <UL> <LI><EM>From</EM>: Kevin Smith <kevin@ascend.com></LI> </UL> </UL> <!--X-References-End--> <!--X-BotPNI--> <HR> <UL> <LI>Prev by Date: <STRONG><A HREF="msg05011.html">Re: (ASCEND) Analog Multilink PPP and RAS</A></STRONG> </LI> <LI>Next by Date: <STRONG><A HREF="msg05009.html">(ASCEND) PPP over Clear Channel T-1 into Max 4000?</A></STRONG> </LI> <LI>Prev by thread: <STRONG><A HREF="msg05006.html">Re: (ASCEND) Newbie Radius Question.</A></STRONG> </LI> <LI>Next by thread: <STRONG><A HREF="msg05012.html">Re: (ASCEND) Newbie Radius Question.</A></STRONG> </LI> <LI>Index(es): <UL> <LI><A HREF="mail155.html#05010"><STRONG>Main</STRONG></A></LI> <LI><A HREF="thrd19.html#05010"><STRONG>Thread</STRONG></A></LI> </UL> </LI> </UL> <!--X-BotPNI-End--> <!--X-User-Footer--> <!--X-User-Footer-End--> </BODY> </HTML>