I'm going to deploy "kerberised network" and have some questions.
I've deployed FreeIPA server and enrolled hosts, it's OK,
I've deployed RHEV and configured FreeIPA as DS, it's OK.
FreeRADIUS is used for user login (thought Cisco FireWall or Cisco
VPN) and contains user database (mysql).
Is it possible to integrate FreeRADIUS server and FreeIPA? For
security reasons replication of transfer) of passwords is impossible.
User tries to access some resource (ssh for example) -> ssh server
goes to kerberos (IPA) server -> IPA (LDAP?) goes to RADIUS (using
kerberos if possible?) -> krb ticket -> login
Best regards, Pavel Zhukov
Freeipa-users mailing list