README FOR xtacacsd (see RELEASE also)
-------------------

		**************************************************
		* Up-to-date documentation under html/ directory *
		**************************************************

This is a modified version of the Cisco xtacacsd software enhanced and
maintained by Vikas Aggarwal (vikas@navya.com). It is very customizable
and supports a number of useful features.

The software is available from ftp://ftp.navya.com/pub/vikas/
or http://www.netplex-tech.com/software/

The RELEASE file has details as to what's new in this release.
Full documentation is available under html/ or at the Web site
http://www.netplex-tech.com/software/xtacacsd

This server should be run out of inetd. It waits for a period of inactivity
before exiting. If you make changes to your config file and want it to
be re-read by a 'lingering' server, kill the server (it will restart from
inetd). For standalone mode (instead of inetd), use the -s option.

The 'taclast' program included with this program can read xtacacsd v3.4 type
utmp and wtmp files. Use this program for parsing the xtacacsd wtmp and
utmp files instead of your system last and 'ac' programs.

The 'xpasswd' program can be used to change the password in an alternate
password file. On some Unix platforms, the system's passwd program can
be used to change passwords in an alternate password file instead.

The 'Getpw' program can create DBM database versions of your password
files for faster access if you have large passwd files. Use Getpw -c
to create the dbm database of an ASCII password file.

INSTALLATION
------------
Edit the Makefile and customize the MYCFLAGS & MYLIB values. Uncomment 
the CHAP and ARAP lines if needed in the Makefile. A simple 'make'
should then build xtacacsd.

It is highly recommended using the NDBM database for the password files.
Create this database using the 'Getpw' standalone program.

Edit the config file (see the sample xtacacsd-confg) which has comments
explaining each option.

Add lines in your /etc/inetd.conf and /etc/services for starting the
server automatically. Edit syslog.conf for logging the server's
actions (these are fully documented in the xtacacsd man page).

PH/QI Nameserver Support
------------------------
For support of the PH/QI CSO nameserver database, edit the Makefile
and the definitions in the ph.c file. Then put the field-names in
the xtacacsd config file and make sure you create a database with
these field names (i.e. plan your database for tacacs support).

Get and compile the QI software from ftp://ftp.cso.uiuc.edu. The
xtacacsd software requires the qiapi library and the qiapi.h file
to compile with the QI nameserver support.

DCE Support
-----------
To add support for DCE authentication, add "-DDCE" to MYCFLAGS. You also
need to supply the appropriate DCE libraries for your system in MYLIBS.
The Makefile includes an example MYLIBS line for Solaris.

ACCOUNTING
----------
For the beta 'tacacct' software, you must get the binary timerange.o file for
your system from  http://www.netplex-tech.com/software/xtacacs/downloads
and rename it to timerange.o. Then do a 'make tacacct'.


	-vikas aggarwal
	vikas@navya.com
	Jan 26, 1997

