From owner-freebsd-isp  Tue Aug 10  6:11:11 1999
Delivered-To: freebsd-isp@freebsd.org
Received: from filer2.isc.rit.edu (filer2.isc.rit.edu [129.21.3.107])
	by hub.freebsd.org (Postfix) with ESMTP id 53B2B14BDA
	for <freebsd-isp@freebsd.org>; Tue, 10 Aug 1999 06:11:08 -0700 (PDT)
	(envelope-from jcptch@osfmail.isc.rit.edu)
Received: from grace ("port 2210"@[129.21.3.102])
 by osfmail.isc.rit.edu (PMDF V5.2-32 #34621)
 with SMTP id <0FG900NIG2EBB6@osfmail.isc.rit.edu> for freebsd-isp@freebsd.org;
 Tue, 10 Aug 1999 08:51:47 -0400 (EDT)
Received: by grace (5.65v4.0/1.1.19.2/21Sep98-0910AM)	id AA01465; Tue,
 10 Aug 1999 08:52:01 -0400
Date: Tue, 10 Aug 1999 08:52:00 -0400
From: Jon Parise <jcptch@osfmail.isc.rit.edu>
Subject: Re: your mail
In-reply-to: <Pine.LNX.4.05.9908101141050.1983-100000@linux1.usls.edu>; from
 francis@usls.edu on Tue, Aug 10, 1999 at 11:51:55AM +0800
To: FreeBSD ISP <freebsd-isp@freebsd.org>
Mail-followup-to: FreeBSD ISP <freebsd-isp@freebsd.org>
Message-id: <19990810085200.G31932@osfmail.isc.rit.edu>
MIME-version: 1.0
Content-type: text/plain; charset=us-ascii
User-Agent: Mutt/0.96.3i
X-Operating-System: OSF1 V4.0 (alpha)
References: <Pine.LNX.4.05.9908101141050.1983-100000@linux1.usls.edu>
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, Aug 10, 1999 at 11:51:55AM +0800, Francis A. Vidal wrote:

> however, adding, deleting, disabling, and changing user information is
> quite a task for 7,200 accounts with only a couple of full-time staff.
> what tools do we need to manage these accounts? it would also be nice if
> all the accounts were stored in a SQL server. i have looked into the
> possibility of using these packages:
> 
> 	OS -- FreeBSD
> 	SQL server -- MySql 3.22.25
> 	MTA -- Postfix (supports SQL server lookups)
> 	IMAP & POP -- Cyrus
> 	Web Interface -- TWIG or IMP
> 	Web Server -- Apache 1.3.6 + SSL + PHP3
 
It looks like you could easily get away with storing your user
information in a mysql database.  Use 'mod_auth_mysql' to
authenticate web users in apache.  I'm not sure if cyrus will play
nice with sql, so that might be your only hack.

You could also run cistron radius with the mysql patches.  I
believe freebsd will can do authentication from a radius server
using a pam module.  I haven't really played with this before, so
this information might be incorrect.

> the problem is how to `glue' these packages together for easier
> management. it's also good if the users were able to change the password
> themselves via a web interface and not to call us everytime they want to
> change their passwords.

That should be trivial if you're storing your user information in a
database.  Just make sure they're properly authenticated beforehand
and that the connection is secure.

-- 
Jon Parise (parise@pobox.com)  .  Rochester Inst. of Technology
http://www.pobox.com/~parise/  :  Computer Science House Member


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message