Freeradius
Freeradius and openldap--success story
Installing related Programs
Yum Install Freeradius2 freeradius2-utils freeradius2-ldap
To enable the LDAP client side of the server, refer to another file
Centos/56540.htm ">http://www.111cn.net/sys/centos/56540.htm
Please test native user, enable Steve to test (remember to add back to the test play)
Vi/etc/raddb/user
Steve Cleartext-password: = "Testing"
Service-type = Framed-user,
Service RADIUSD Restart
Radtest Steve testing localhost 0 testing123
Correct will show
Rad_recv:access-accept packet from host 127.0.0.1 Port 1812, id=247, length=26
Also, enable a network segment authentication
Vi/etc/raddb/clients.conf
Client 163.32.X.0/24 {
Secret = testing123
ShortName = Schoolap
}
Edit Freeradius profile About LDAP 111cn.net
Vi/etc/raddb/modules/ldap
Server = "ldap.do.kh.edu.tw"
Identity = "CN=MANAGER,DC=DO,DC=KH,DC=EDU,DC=TW"
Password = PSWD Manager password do
BaseDN = "OU=USER,OU=LOGIN,DC=DO,DC=KH,DC=EDU,DC=TW"
Vi/etc/raddb/sites-enabled/default
Authorize {
...
# files
Ldap
...
}
And also
Authenticate {
...
Auth-type LDAP {
Ldap
}
...
}
Service RADIUSD Restart
Test instructions
Pre-enable test
Radiusd-x
Test the native account number, please close after testing
Radtest Steve testing localhost 0 testing123
To test a segment of a network
Radtest ldapuser ldappasswd 163.32.xxx.78 0 testing123