RadiusNT includes a migration option to auth the first time from the NT SAM
and
then replace the user's password in the database (so that all other times
don't need
the NT SAM account). That is the only migration option that I know of that
is
fairly seemless.
> Obviously, we would like the evaluation to go as smoothly as possible and
we
> have a few questions to that end.
>
> 1. Is there a detailed howto on setting up external systems for emerald to
> allow it to synchronise with Linux Radius? (PAM and Users File)
No. Most are fairly custom, depending on what you want to do. Emerald will
export a Livingston/Ascend compatable users file. There is also a
standalone
program called radusers that does that as well. We are working on a
generic
method for syncing the passwd/shadow file, but it will require the OpenLink
ODBC drivers for unix.
> 2. Is there a recommended Linux Radius Server for Emerald accounting?
Not really. You will loose some functionality of Emerald if you use
another RADIUS server that is not integrated into Emerald.
> 3. What specs are recommended for the emerald box given a potential 10,000
> MBR's?
Something like a single/dual PII-300+ with 256mb of RAM and Ultrawide
SCSI should be fine. Disk and memory are the two key components.
> 4. Are there any known issues regarding this type of configuration?
There isn't a cookie cutter type solution for it yet. We are working on
solutions, but don't have any generically available. You might want to
runn accounting to a pair of RadiusNT boxes, even if they don't have
authentication. It makes things a lot eaier.
> 5. Has anyone figured out how to export the usernames and passwords from
SAM
> to the emerald database.
You really can't. RadiusNT supports the migration option if its the
authenticating server, though.
> 6. Is there a web interface for emerald database maintenance? (Adding
Users
> etc)
There are some example ASP and Cold Fusion scripts on our FTP site.
Dale
For more information about this list, including removal,
please see http://www.iea-software.com/maillist.html