AAA/802.1x
Reply
Contributor
trusty1162
Posts: 17
Registered: ‎05-01-2008
0

Some SBR Appliance questions

Is it possible to set an expiration definition (i.e. 30 days, 90 days etc...) with native user accounts on the SBR appliance? I do not want to use any other server for account authentication or verification, just the SBR appliance.
Trusted Contributor
CraigB
Posts: 92
Registered: ‎04-06-2008
0

Re: Some SBR Appliance questions

There is no way to set a NATIVE user account to expire.

 

You would need to use an external auth database for this type of functionality.

 

Thanks,

 

Craig

Contributor
trusty1162
Posts: 17
Registered: ‎05-01-2008
0

Re: Some SBR Appliance questions

Thanks for the response Craig. I had spoken to the JTAC about this too and must admit that I am more than a little disappointed that this capability has not been built into the software by now.

 

 

Super Contributor
masoodnt10
Posts: 80
Registered: ‎06-20-2008
0

Re: Some SBR Appliance questions

[ Edited ]

It's not a Radius job to set package or account expiry, it's database. When user supplies his authentication data to the server either directly by answering the terminal server's login/password prompts, or using PAP or CHAP protocols. The server obtains the user's personal data from one of the following places:

 

System Database (The user's login and password are stored in /etc/passwd on the server)

Internal Database  (The user's login ID, password etc. are stored in the internal radius database)

SQL authentication (User's details are stored in an SQL database. The database structure is fully determined by the system administrator, Radius does not restrict it in any way. See Interaction with SQL Servers.)

 

Hopefully it should be clear now that in any case you have to update database fields to set the account expiry.

 

 

Message Edited by masoodnt10 on 01-22-2009 07:42 PM
Regards,
Masood
BLOG: http://weblogs.com.pk/jahil/
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.