[Freeipa-users] FreeIPA and freeradius
Ryan Skorstad
ryan.skorstad at beatport.com
Wed Oct 29 20:43:30 UTC 2008
I was able to get the radius server included with IPA operational by:
1. Installing the 'freeradius-ldap' rpm from yum
2. chmod 775 /etc/raddb/certs (so radiusd can write cert files)
3. Change your 'authorize' and 'authenticate' sections of
/etc/raddb/radiusd.conf to:
authorize {
ldap
}
authenticate {
Auth-Type LDAP {
ldap
}
}
The radius server will now authenticate users against IPA's LDAP directory.
I have not tested this configuration extensively, I have only verified
that it returned Access-Accept for a valid user/pass/secret and
Access-Reject for a bad user/pass/secret.
Laszlo BERES wrote:
> John Dennis wrote:
>
>> Currently there isn't any actual support for Radius in IPA despite the
>> presence of some Radius related files. If the Radius files are showing
>> up in a released version they should be removed. By any chance were you
>> installing from source?
>
> Well, that's sad. I was installing from the standard Fedora 9 repository:
>
> ipa-radius-server-1.1.0-7.fc9
> ipa-radius-admintools-1.1.0-7.fc9
>
> Isn't it a little misleading?
>
>> FWIW, we've pushed Radius support out a bit because unrealistic schedule
>> constraints. If you're interested in contributing to this area please
>> let us know.
>
> Thank you for the answer, John. I am interested and will examine how
> could I contribute.
>
--
++
Ryan Skorstad - Systems Administrator
ryan.skorstad at beatport.com
DIGITAL DOWNLOAD NETWORK(tm)
BEATPORT-BEATSOURCE-TRAKTOR-BEATPORTSYNC-BEATPORTAL
-----------------------------------------------
1037-C Broadway
Denver, Colorado USA 80203
Access the world of club music(tm)
More information about the Freeipa-users
mailing list