Solved

Radius server for novell and windows

Posted on 2011-02-11
9
701 Views
Last Modified: 2012-06-27
I'm looking for a solution that will althenticate from novell edirectory and multiple window domains, from one radius server.
0
Comment
Question by:Darrell_Milam
9 Comments
 
LVL 30

Expert Comment

by:pgm554
ID: 34879483
0
 
LVL 18

Expert Comment

by:ZENandEmailguy
ID: 34882702
I second that...freeradius.  It comes with SUSE Linux Enterprise Server 9, 10, and 11 or can be downloaded.  Not a bad process to configure either but the radius.conf file is rather long.  You have to make changes to the LDAP section to allow the authentication to eDirectory.  To windows domains, there are several alternatives listed in the file and corresponding parameters for all.

Scott
0
 
LVL 19

Expert Comment

by:deroode
ID: 34886003
I don't think i understand the question. Do you want the Radius server to authenticate to eDirectory (clients connect to radius and radius ask eDirectory if credentials are correct) or the other way around (clients connect to eDirectory, and eDirectory checks with Radius)

AFAIK eDirectory and Active Directory cannot be configured to check authentication with another Radius or LDAP server.
You probably need a product like Identity Manager to sync credentials between Radius, eDirectory and Active Directory

http://www.novell.com/products/identitymanager/
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 2

Author Comment

by:Darrell_Milam
ID: 34887695
Instead of using wep or wap to connect to the wireless I would like to use raidus and have there credentials for edirectory or active directory authenticate them to be able to connect to the wireless. Is this possible? or am I looking at it wrong?
0
 
LVL 18

Assisted Solution

by:ZENandEmailguy
ZENandEmailguy earned 125 total points
ID: 34888207
It will depend upon your wireless devices/access points.  Do they support radius authentication?  I assisted with a project to re-configure wireless access points to use radius instead of WEP into eDirectory for authentication.  I set up the freeradius server and confirmed it would get to eDirectory.  Not knowing a lot about the wireless access points the customer had in place, I found the radius authentication configuration inside a management console and worked on one test device.  I don't know the outcome as someone else with more wireless knowledge stepped in and I moved onto other things for the customer.

At another customer site, I set up the freeradius on SLES9 to authenticate 80 routers and switches.  Auditor requirements said they had to change passwords every 45 days on all 80+ devices and they did so manually.  After the radius install and a simple reconfigure process, they changed two passwords instead of 160+.  Everything worked great with the radiusd (radius daemon) as long as I remarked out the eap protocol.

Scott
0
 
LVL 2

Author Comment

by:Darrell_Milam
ID: 34890315
they are using cisco wireless controllers 4400 which is able to use radius. and I have seen free radius used with edirectory but cannot find anything that can be installed on one device and pull from edirectory and active directory at the same time.  Any suggestions
0
 
LVL 18

Expert Comment

by:ZENandEmailguy
ID: 34891164
There are sections in the radius.conf file that will allow you to go to both directories.  I don't have a recent radius.conf file available to me but the sections are obvious as you go about the config.  I've only used freeradius on SUSE Linux 9 and 10.  Do you have a Linux server to do this with?

Scott
0
 
LVL 2

Accepted Solution

by:
Darrell_Milam earned 0 total points
ID: 34892012
not at this time we were trying to find somehting that would run on a windows box. freeraduis will  not run on windows yet. I don't think windows NPS will work with edirectory, or atleast I could not find and documentation that would allow it.
0
 
LVL 2

Author Closing Comment

by:Darrell_Milam
ID: 35115172
could not find a solutions that would run in our enviroment
but thanks everyone for there suggestions
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question