• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 748
  • Last Modified:

Radius server for novell and windows

I'm looking for a solution that will althenticate from novell edirectory and multiple window domains, from one radius server.
0
Darrell_Milam
Asked:
Darrell_Milam
2 Solutions
 
pgm554Commented:
0
 
ZENandEmailguyCommented:
I second that...freeradius.  It comes with SUSE Linux Enterprise Server 9, 10, and 11 or can be downloaded.  Not a bad process to configure either but the radius.conf file is rather long.  You have to make changes to the LDAP section to allow the authentication to eDirectory.  To windows domains, there are several alternatives listed in the file and corresponding parameters for all.

Scott
0
 
deroodeSystems AdministratorCommented:
I don't think i understand the question. Do you want the Radius server to authenticate to eDirectory (clients connect to radius and radius ask eDirectory if credentials are correct) or the other way around (clients connect to eDirectory, and eDirectory checks with Radius)

AFAIK eDirectory and Active Directory cannot be configured to check authentication with another Radius or LDAP server.
You probably need a product like Identity Manager to sync credentials between Radius, eDirectory and Active Directory

http://www.novell.com/products/identitymanager/
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
Darrell_MilamAuthor Commented:
Instead of using wep or wap to connect to the wireless I would like to use raidus and have there credentials for edirectory or active directory authenticate them to be able to connect to the wireless. Is this possible? or am I looking at it wrong?
0
 
ZENandEmailguyCommented:
It will depend upon your wireless devices/access points.  Do they support radius authentication?  I assisted with a project to re-configure wireless access points to use radius instead of WEP into eDirectory for authentication.  I set up the freeradius server and confirmed it would get to eDirectory.  Not knowing a lot about the wireless access points the customer had in place, I found the radius authentication configuration inside a management console and worked on one test device.  I don't know the outcome as someone else with more wireless knowledge stepped in and I moved onto other things for the customer.

At another customer site, I set up the freeradius on SLES9 to authenticate 80 routers and switches.  Auditor requirements said they had to change passwords every 45 days on all 80+ devices and they did so manually.  After the radius install and a simple reconfigure process, they changed two passwords instead of 160+.  Everything worked great with the radiusd (radius daemon) as long as I remarked out the eap protocol.

Scott
0
 
Darrell_MilamAuthor Commented:
they are using cisco wireless controllers 4400 which is able to use radius. and I have seen free radius used with edirectory but cannot find anything that can be installed on one device and pull from edirectory and active directory at the same time.  Any suggestions
0
 
ZENandEmailguyCommented:
There are sections in the radius.conf file that will allow you to go to both directories.  I don't have a recent radius.conf file available to me but the sections are obvious as you go about the config.  I've only used freeradius on SUSE Linux 9 and 10.  Do you have a Linux server to do this with?

Scott
0
 
Darrell_MilamAuthor Commented:
not at this time we were trying to find somehting that would run on a windows box. freeraduis will  not run on windows yet. I don't think windows NPS will work with edirectory, or atleast I could not find and documentation that would allow it.
0
 
Darrell_MilamAuthor Commented:
could not find a solutions that would run in our enviroment
but thanks everyone for there suggestions
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now