We want to set up Radius on FreeBSD to authenticate users of a PHP/MySQL custom program, Microsoft Exchange users, Windows domain controller, and VPN clients. We also want to add/modify/delete users in the Radius database by using the custom PHP/MySQL tool.
Thinking of using FreeRadius because there is some documentation on how to configure it to work with MySQL.
I just wanted to run this by someone to make sure it makes sense.
The custom PHP/MySQL tool adds/modifies/deletes users through a web interface - so I think I would just have to make sure that it has the correct MySQL permissions and writes to the correct MySQL database. Right now, people can login to the tool and authenticate against a MySQL user table.
How would I authenticate against the Radius server instead?
I would also think that Exchange, Domain Controller, and VPN clients could be easily set up to authenticate against Radius.
Does the above make sense? Any need for LDAP?