Implementation with AD integration on RHEL7
Alan DeKok
aland at deployingradius.com
Thu Dec 6 23:08:01 CET 2018
On Dec 6, 2018, at 3:06 PM, M S <m6soto at gmail.com> wrote:
>
> Please pardon my newb-ness. I am new to RADIUS and FreeRADIUS.
Despite rumors to the contrary, that's fine.
> How would you guys advise setting up FreeRADIUS to utilize Active Directory on RHEL7?
Read the guide on my web site:
http://deployingradius.com/
> My goal is to provide centralized authentication for our network switches.
>
> The RHEL7 host system that will be hosting FreeRADIUS is setup to directly authenticate users logging into it against our AD server using sssd. I was thinking that rather than setting up a separate AD relationship between FreeRADIUS and AD, would it be possible to have FreeRADIUS utilize the OS-level relationship that is setup with AD via sssd? I am not finding much online describing this setup.
I don't think so. At least, it's not possible for MS-CHAP or PEAP. For normal User-Password authentication it might work.
> Setup:
> Red Hat Enterprise Linux Server release 7.6 (Maipo)
> FreeRADIUS 3.0.13-9 (the version available in RHEL7 repos)
You probably want to upgrade to 3.0.17...
Alan DeKok.
More information about the Freeradius-Users
mailing list