Implementation with AD integration on RHEL7

Alan DeKok aland at deployingradius.com
Thu Dec 6 23:08:01 CET 2018


On Dec 6, 2018, at 3:06 PM, M S <m6soto at gmail.com> wrote:
> 
> Please pardon my newb-ness. I am new to RADIUS and FreeRADIUS.

  Despite rumors to the contrary, that's fine.

> How would you guys advise setting up FreeRADIUS to utilize Active Directory on RHEL7?

  Read the guide on my web site:

http://deployingradius.com/

> My goal is to provide centralized authentication for our network switches.
> 
> The RHEL7 host system that will be hosting FreeRADIUS is setup to directly authenticate users logging into it against our AD server using sssd. I was thinking that rather than setting up a separate AD relationship between FreeRADIUS and AD, would it be possible to have FreeRADIUS utilize the OS-level relationship that is setup with AD via sssd? I am not finding much online describing this setup.

  I don't think so.  At least, it's not possible for MS-CHAP or PEAP.  For normal User-Password authentication it might work.

> Setup:
> Red Hat Enterprise Linux Server release 7.6 (Maipo)
> FreeRADIUS 3.0.13-9 (the version available in RHEL7 repos)

  You probably want to upgrade to 3.0.17...

  Alan DeKok.




More information about the Freeradius-Users mailing list