Re: LDAP authenticaton against PAM how-to

[Tony Earnshaw <tonni@hetnet.nl>]

Emmanuel Dreyfus wrote, on 12. feb 2007 10:54:

> > Since all the RADIUS servers I've used (FreeRadius, Radiator, Cisco Access 
> > Registrar) support authenticating against a number of different identity 
> > storage backends (LDAP, RDBMSs, etc.) ... it would be interesting to know 
> > what RADIUS server this is, and why you can't instead authenticate against 
> > the same backend store that it uses ...
> >
> > To me it really seems like you are doing one thing the wrong way around 
> > because you have something else doing things the wrong way around.
>
> The backend against which RADIUS authenticatate could be used, and it will
> prbbaly be in the future, but that require major refactoring of some IT mess, 
> which is not in the short terms gaols.
>
> Of course that RADIUS story is not The Right Way, but it is what I need right
> now. This is the real world, you know...

There is a (limited) number of documented masters of "the real world" 
subscribing to this list on a regular basis and Buchan Milne is one of 
them; indeed I personally am (and my sites are) indebted to him for his 
work. Nuff said.

You could, at least, answer his question and tell him why you need to 
proceed in the obtuse manner you demonstrate instead of waving his 
question airily away with the argument: that your needs "require major 
refactoring of some IT mess, which is not in the short terms gaols".

--Tonni

--
Tony Earnshaw
Email: tonni at hetnet dot nl