After all the emails (thank you for your help) I have most of my Mac OS X 
clients authenticating to FreeIPA over wireless.  Clients running on a 2014 or 
newer 10.12.5 and up won't work.  I suspect this has to do with the TLS 
version.  
Tell me if I'm approaching this the right way.
I am trying to apply a certificate FROM FreeIPA to FreeRADIUS.  I am also 
trying to register the service within FreeIPA but strugglging with some of the 
syntax.
I have been following this:FreeIPA: Giving permissions to service accounts. — 
Firstyear's blog-a-log

  
|  
|   |  
FreeIPA: Giving permissions to service accounts. — Firstyear's blog-a-log
 Firstyear`s blog-a-log  |  |

  |

 

I'm having some trouble adding the privileges and roles:[andrew.meyer@radius01 
~]$ ipa privilege-add-permission 'Radius service' --permission='Radius Service' 
 Privilege name: Radius Service  Description: Privileges needed to allow 
radiusd servers to operate  Failed members:    permission: Radius Service: 
permission not found-----------------------------Number of permissions added 
0-----------------------------[andrew.meyer@radius01 ~]$ ipa 
privilege-add-permission 'Radius service' --permission='Radius service'  
Privilege name: Radius Service  Description: Privileges needed to allow radiusd 
servers to operate  Failed members:    permission: Radius service: permission 
not found-----------------------------Number of permissions added 
0-----------------------------[andrew.meyer@radius01 ~]$ ipa role-add 'Radius 
server' --desc="Radius server role"--------------------------Added role "Radius 
server"--------------------------  Role name: Radius server  Description: 
Radius server role[andrew.meyer@radius01 ~]$ ipa role-add-privilege 
--privileges="Radius services" 'Radius server'  Role name: Radius server  
Description: Radius server role  Failed members:    privilege: Radius services: 
privilege not found----------------------------Number of privileges added 
0----------------------------[andrew.meyer@radius01 ~]$
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to