The failure of success
While the server is a great product, it fails on a number of accounts. Documentation is a popular choice, but I don't think that's the worst of its problems.
The worst problem is that it works.
Yes, I know a lot of people on the users list will disagree with me, especially the ones who are fighting with the previously mentioned lack of documentation. But given recent statistics, the few people every day who discuss their problems are about 0.1% of the install base. The rest of the users (for the most part) install it without major grinding of teeth, and then proceed to forget about it. They manage their users in an SQL or LDAP database, and don't really change the server configuration. Ever.
They don't change it because it just works. That's what software should do.
This means the project is a commercial failure, because it's difficult to sell costly support, upgrades, or other commercial value-adds when the customer is content with what they have. That's fine, because there are a good number of commercial RADIUS products based on FreeRADIUS. This means that even if you're paying for a RADIUS server, the odds are pretty good that if it's not IAS or ACS, it's a rebranded FreeRADIUS.
That's a successful commercial product.
February 14th, 2007 at 3:17 am
“…because it just works” is right.
My first experience with FreeRADIUS was setting it up to do “authentication” of MAC addresses (in MySQL) for a wireless network I was deploying at our .edu.
We went “live” in January 2004. The configurations haven't been touched since, as far as I can remember.
I'm now deploying two instances of FreeRADIUS on a pair of new servers (using MySQL for the authorization and accounting pieces and our OpenLDAP cluster for authentication) for managing “logins” for our forthcoming “new” wireless network.
“…because it just works” is right. In the three years since deploying FreeRADIUS, there's many things I've fought with to keep working. FreeRADIUS isn't one of them. Thanks for an awesome product, Alan.