RadiusAuth authenticates against a Radius server, it suffers from one problem. Radius servers do not suppport user lookups and without a valid password it's impossible for SurgeMail to know a user is valid until the user has first checked/read their email, when this occurs RadiusAuth stores the username for future reference.
To supply additional information (like groups=x.y.z or fwd=fred@domain) you can use the radius 'VENDOR-SPECFIC' attribute.
Some applications come with RadiusAuth already built. If you have not got a build and/or require the lastest code it can be downloaded from the one of the links below:
Source: auth_src_2.4b.zip 118k Windows radiusauth_2.4b_windows.zip 67k Freebsd4 radiusauth_2.4b_freebsd4.tar.gz 31k Linux (Libc6) radiusauth_2.4b_linux.tar.gz 27k Solaris radiusauth_2.4b_solaris7_sparc.tar.gz 27k
If you are building RadiusAuth from the source you will need to have a C compiler either cc or
gcc and make. To build the command line prompt would be:
make -f Makefile.radius
RadiusAuth comes requires an radiusauth.ini to configurate it's options. This file is located in the same directory as the RadiusAuth binary OR in a directory specified by the -path command line option. The available options are:
log false Enables verbose debug output. unix_password false Only designed to be used on UNIX machines. Tells the auth program to use the UNIX password system for storing passwords. plain_password false Tells the auth program to save the passwords as clear text. domain (none) This is the domain that is attached when users are created in the database.
eg: lynden becomes- firstname.lastname@example.org
lowercase_username false This will convert all usernames to lowercase when comparing names. lowercase_username_set false This will convert all names to lowercase before adding them to the database. search_min 0 This is the minimum number of characters that any search routine must have before a search is performed. radius_host localhost This is the IP address or Name of the Radius server. radius_port 1812 This is the TCPIP port of the Radius server (Normally 1812) radius_secret (none) This is the encryption_key that is setup on the Radius server that the Mail server needs to use. radius_attribute (none) This is the Radius attribute that is used that stores the fwd and quota settings. (string) field_username username The label of the username field in your table. field_password passwd The label of the password field in your table. field_forward forward The label of the forward field in your table. This is the forwarding information that SurgeMail uses to determine what it forwards the EMail to. field_quota (none) The label of the quota field in your table. This is the disk quota the user has.
eg: 100k, 10M
field_mailmask (none) The label of the mailmask field in your table. This is the IP mask that RadiusAuth checks against the "from IP" of the user. This forces the user to use only the specified IP. field_maildrop (none) The label of the maildrop field in your table. This is the location where SurgeMail will drop the user mail files. radius_user_file radius.dat This is the file where usernames/passwords are stored so that lookups without passwords can be done, eg: RadiusAuth stores the passwords itself as it adds the users.
-path Tells RadiusAuth where to create its logfile and where to find its config file. -debug Sets the logging level to debug. -log Turns on logging to radiusauth.log. -version This display the RadiusAuth version information -filtername,str1,str2 The username on a set,del,lookup,check command is check for 'str1' and replaced with 'str2' -convert_nwauth nwauth_path This will create a 'nw_convert.bat' file from the nwauth.add and nwauth.txt files that when run will runn radiusauth with various command to make the Radius database match NWAuth setup.
The commands below are the list of commands that this module supports. For a full description about the command see Authentication Protocol