Currently we are using ESVA.net's version of RADIUS running on a Linux box.
I want to switch to NT but have a couple of questions...
1) In ESVA.net's version of RADIUS (http://www.n2h2.com/radius/) the
feature I like the most about it is that I don't have to enter in all the
following info per user.
DEFAULT
User-Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Netmask = 255.0.0.0,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "std.ppp",
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP,
Port-Limit = 1,
Sessions = 1,
Idle-Timeout = 1200
The above info is listed once at the beginning of the "users" file followed
by the users and their passwords one right after the other like this:
user1 Password = "password"
user2 Password = "password"
Now, if I switch to RadiusNT in text mode would I have to enter in all the
nfo above (or something similar to it) for every user? What about in OBDC
mode? Is there a way to have a "default" setting (like above) and just add
a username + password, restart the service and it works?
2) Regarding NT SAM integration. I've got over 6000 users here and I only
want to limit dial-in access to about 150 of them. Am I correct in
thinking that a user will only be allowed dial-in authentication if their
username is in the access list regardless if the password part comes from a
text file or NT SAM database? Bottom Line, I don't want a situation where
any of the 6000 users can be authenticated just because they are a member
of the domain and I have RadiusNT set up to get passwords from the SAM
Database.
I appreciate any suggestions/pointers...
Thanks...
Josh Moormann
Network Admin.
Liberty University
moormann@liberty.edu