User Account Management

‎09-04-2008 07:36 AM

This is more a RADIUS in general question, and I may be totaly missing it :robotindifferent:.  In RADIUS is there any method for the user to administer thier own account, things like account creation and password changes from a web site?  Most other authentication methods support this, but I can't seem to find much on RADIUS methods for account management.  Am I missing it, or does it not exist?


In advance, I know that if the back end is SQL, LDAP or other pass-through it's by accessing the backend directly.  This is on a SBR Appliance.


Re: User Account Management

‎09-04-2008 01:40 PM

Hi Doug,


There is nothing in the RADIUS protocol to support this, AFAIK.  I have come across other server vendors (in a previous life 🙂 which provided an API that allowed me to build a website to allow the creation (and theoretically - although I never did this - the modification) of accounts.


RADIUS servers often use alternative back end databases that each provide mechanisms for modification of values within those databases (e.g. SQL or LDAP).  This is often the most straightforward approach for accessing user credentials (via a web front end that manipulates the database entries used by the RADIUS server).


A particular special case is also Active Directory.  RADIUS servers can access AD via either NTLM or LDAP.  AD provides its own mechanisms for users to administer their own passwords. 





Guy Davies


IC Series Unified Access Control Appliances are hardened, centralized policy servers, combining the user identity, device security state and network location gathered by the UAC Agent to create unique network access control policy per user, per session.

RSS Icon