Differences between revisions 13 and 14
Revision 13 as of 2007-05-17 00:21:57
Size: 1227
Editor: ?dodgerfan78
Comment:
Revision 14 as of 2007-05-17 01:58:02
Size: 1694
Editor: ?dodgerfan78
Comment:
Line 8: Line 8:

This is how you install freeradius. If you don't do this command, you won't have freeradius :)
Line 19: Line 21:
client refers to the network that is allowed to pass Radius authentication requests such as wireless AP, L2 switch doing 802.1x, etc. This file is where you specify what Radius clients can sned Radius authentication requests to the Radius server. You can specify a subnet (/24,/22,etc) or a host (/32). The secret must be the same on client and server.
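Review bot: "sned" in the sentence "what Radius clients can sned Radius authentication requests" should be "send". The example list from the earlier wording (wireless AP, L2 switch doing 802.1x) is also worth keeping next to the new sentence, since it tells the reader what a Radius client is before the subnet and host forms are introduced.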
Line 28: Line 30:
user is the username. There must be one entry for each user. This is where you tell the Radius server to use LDAP for specific user accounts. "user" can be replaced with the username. There must be one entry for each user.
Line 36: Line 38:
This section is already in the file, scroll way down and modify it. This file is for specific Radius server settings. This section is already in the file, but probably needs to be uncommented and modified. Enter the IP address of the LDAP server as well as the DN for an administrative user.
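Review bot: the last sentence tells the reader to enter "the DN for an administrative user" as the LDAP bind identity, which puts an administrative credential into the Radius server's settings file. Suggest wording it as a bind DN for an account that can only read the user entries, and saying that the file holding it should be readable by the freeradius service only.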
Line 50: Line 52:
Now restart freeradius.

Back to Home Page ["BuildingALinuxDomain"]

SUMMARY

This is a guide on how to connect freeradius to an ldap server.

Step 1: Install freeradius

This is how you install freeradius. If you don't do this command, you won't have freeradius :)

 apt-get install freeradius 

Step 2: Modify the following freeradius configuration files:

  • /etc/freeradius/clients.conf
  • /etc/freeradius/users
  • /etc/freeradius/radiusd.conf

/etc/freeradius/clients.conf

This file is where you specify which Radius clients can send Radius authentication requests to the Radius server. You can specify a subnet (/24, /22, etc.) or a host (/32). The secret must be the same on client and server.

client x.x.x.x/x {
        secret = secret
}
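
A quick way to review the client entries described above is to parse clients.conf and flag entries that keep a placeholder secret or cover a wide network. This is an added example, not part of the original guide; the sample config is constructed, and the weak-secret list, the 16-character minimum and the /24 limit are assumptions to adjust for your site.

```python
import ipaddress
import re

# Constructed sample in the clients.conf syntax shown above (not a real config).
SAMPLE = """
client 192.0.2.10/32 {
        secret = secret
}
client 10.0.0.0/8 {
        secret = Zq7vK2pLm9xR4tWb6eYd
}
# client 198.51.100.0/24 { secret = commentedout }
client 198.51.100.7 {
        secret = Hn3yT8wQc5Fd1zUj0kPa
}
"""

CLIENT_RE = re.compile(r"^\s*client\s+(\S+)\s*\{(.*?)\}", re.S | re.M)
SECRET_RE = re.compile(r"^\s*secret\s*=\s*(\S+)", re.M)
WEAK = {"secret", "password", "testing123", "radius"}  # assumed placeholder list


def audit_clients(text, min_len=16, min_prefix=24):
    """Return (client, finding) tuples for risky client entries."""
    # Drop comments first so commented-out blocks are not reported.
    text = re.sub(r"#.*", "", text)
    findings = []
    for addr, body in CLIENT_RE.findall(text):
        m = SECRET_RE.search(body)
        secret = m.group(1).strip('"') if m else ""
        if not secret:
            findings.append((addr, "no secret set"))
        elif secret.lower() in WEAK:
            findings.append((addr, "placeholder secret"))
        elif len(secret) < min_len:
            findings.append((addr, "secret shorter than %d chars" % min_len))
        try:
            net = ipaddress.ip_network(addr, strict=False)
        except ValueError:
            continue  # hostname-style client, no prefix to measure
        # Assumed IPv4 threshold: anything wider than min_prefix is reported.
        if net.prefixlen < min_prefix:
            findings.append((addr, "network wider than /%d" % min_prefix))
    return findings


if __name__ == "__main__":
    for client, finding in audit_clients(SAMPLE):
        print(client, "->", finding)
```
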

/etc/freeradius/users

This is where you tell the Radius server to use LDAP for specific user accounts. "user" can be replaced with the username. There must be one entry for each user.

user    Auth-Type := LDAP

/etc/freeradius/radiusd.conf

This file is for specific Radius server settings. This section is already in the file, but probably needs to be uncommented and modified. Enter the IP address of the LDAP server as well as the DN for an administrative user.

ldap {
      server = "x.x.x.x"
      identity = "cn=admin,dc=example,dc=com"
      password = password
      basedn = "dc=example,dc=com"
      filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
}

Step 3: Restart freeradius

Now restart freeradius.

/etc/init.d/freeradius restart
