On 12/09/2015 03:52 PM, Randy Morgan wrote: > Hello, > > We are setting up our wireless to authenticate against FreeRadius and > FreeIPA. > I am looking for any instructions on how to integrate radius with IPA. We can > get them talking via kerberos, but when we have a wireless client attempt to > authenticate against them, the password gets stripped out and only the > username > gets passed on, resulting in a failed logon attempt. > > As we have studied the problem we have identified the communication protocols > used by wireless to pass on the user credentials to radius. Wireless uses EAP > as it's primary protocol. We are running Xirrus wireless APs and from what we > can learn, they act only as a pass through conduit for the client. Ideally we > would like them to speak PEAP TTLS, this would allow kerberos to process from > the client to the IPA server, we are still researching this. > > Are there any instructions on how to integrate FreeRadius 3.0.10 with FreeIPA > 3.3.5? Any help would be appreciated. > > Randy
Hi, What articles did you test so far? I did not try it myself, but google gives out some idea: http://readlist.com/lists/lists.freeradius.org/freeradius-users/13/69142.html http://consultancy.edvoncken.net/index.php/HOWTO_Configure_Radius_with_an_IPA_Server https://plus.google.com/104747154449640814740/posts/SxU8to5J2r6 Martin -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
