Differences between revisions 1 and 18 (spanning 17 versions)
Revision 1 as of 2007-05-03 00:29:13
Size: 733
Editor: ?dodgerfan78
Comment:
Revision 18 as of 2021-01-09 16:26:43
Size: 1743
Editor: nodiscc
Comment: group all samba pages under Samba/
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
RADIUS – LDAP HOWTO: ## page was renamed from FreeRadiusToLdap
''' Back to Home Page [[Samba/BuildingALinuxDomain]] '''
Line 3: Line 4:
Step 1: Install freeradius
Line 5: Line 5:
 apt-get install freedius = SUMMARY =
This is a guide on how to connect freeradius to an ldap server.
Line 7: Line 8:
Step 2: Modify the following freeradius configurations file: == Step 1: Install freeradius ==
Line 9: Line 10:
/etc/freeradius/clients.conf
/etc/freeradius/users
etc/freeradius/radiusd.conf		 This is how you install freeradius. If you don't do this command, you won't have freeradius :)
Line 13: Line 12:
Examples: {{{ apt-get install freeradius }}}
Line 15: Line 14:
/etc/freeradius/clients.conf == Step 2: Modify the following freeradius configuration files: ==
Line 17: Line 16:
client x.x.x.x/x {
 secret = secret
} 		 * /etc/freeradius/clients.conf
 * /etc/freeradius/users
 * /etc/freeradius/radiusd.conf

=== /etc/freeradius/clients.conf ===

This file is where you specify what Radius clients can send Radius authentication requests to the Radius server. You can specify a subnet (/24,/22,etc) or a host (/32). The secret must be the same on client and server.

{{{
client x.x.x.x/x
 secret = secret
}}}
Line 21: Line 29:
/etc/freeradius/users === /etc/freeradius/users ===
Line 23: Line 31:
This is where you tell the Radius server to use LDAP for specific user accounts. "user" can be replaced with the username. There must be one entry for each user.

{{{
Line 24: Line 35:
}}}
Line 25: Line 37:
/etc/freeradius/radiusd.conf === /etc/freeradius/radiusd.conf ===
Line 27: Line 39:
This file is for specific Radius server settings. This section is already in the file, but probably needs to be uncommented and modified. Enter the IP address of the LDAP server as well as the DN for an administrative user.

{{{
Line 34: Line 49:
}}}
Line 35: Line 51:
Step 3: Restart freeradius == Step 3: Restart freeradius ==
Line 37: Line 53:
 /etc/init.d/freeradius restart Now restart freeradius.

{{{
/etc/init.d/freeradius restart
 }}}


[[BuildingALinuxDomain]]

Back to Home Page Samba/BuildingALinuxDomain

SUMMARY

This is a guide on how to connect freeradius to an ldap server.

Step 1: Install freeradius

This is how you install freeradius. If you don't do this command, you won't have freeradius :)

 apt-get install freeradius 

Step 2: Modify the following freeradius configuration files:

  • /etc/freeradius/clients.conf
  • /etc/freeradius/users
  • /etc/freeradius/radiusd.conf

/etc/freeradius/clients.conf

This file is where you specify what Radius clients can send Radius authentication requests to the Radius server. You can specify a subnet (/24,/22,etc) or a host (/32). The secret must be the same on client and server. 

client x.x.x.x/x 
        secret = secret

/etc/freeradius/users

This is where you tell the Radius server to use LDAP for specific user accounts. "user" can be replaced with the username. There must be one entry for each user. 

user    Auth-Type := LDAP

/etc/freeradius/radiusd.conf

This file is for specific Radius server settings. This section is already in the file, but probably needs to be uncommented and modified. Enter the IP address of the LDAP server as well as the DN for an administrative user. 

ldap {
      server = “x.x.x.x”
      identity = “cn=admin,dc=example,dc=com”
      password = password
      basedn = “dc=example,dc=com”
      filter = “(uid=%{Stripped-User-Name:-%{User-Name}})”
}

Step 3: Restart freeradius

Now restart freeradius. 

/etc/init.d/freeradius restart

BuildingALinuxDomain