Re: Freeradius
On Mon, May 20, 2013 at 12:30:03PM +0200, Petter Reinholdtsen wrote:
> [Giorgio Pioda]
> > Hi,
> >
> > I've found this:
> >
> > http://comments.gmane.org/gmane.linux.skolelinux.user.german/7358
> >
> > 1) Somebody knows if it works. I don't understand how the freeradius
> > gets users and group informations since there is no
> > LDAP server setup; directly from unix ? If yes it is not possible to
> > put the freeradius on a separated machine.
>
> I would expect it to use PAM and NSS to get user and group information
> (and for authentication, similar to the setup I found described at
> <URL: http://agix.com.au/blog/?p=2994 >. As our PAM and NSS setup is
> configured to use LDAP and Kerberos, it should just work.
>
> > 2) I'll recommend to put freeradius in the todo list for
> > jessie. Laptops and tablets are growing way more than expected.
>
> Perhaps start with a howto for those that want it? And perhaps
> include in it information on why laptops and tablets need RADIOS
> authentication. :)
>
Why RADIUS is needed ? Just try to manage a large institution
with shared keys... :)
It works ! Tested today.
I see a potential "chicken vs egg" problem with roaming-ws for the
very first login (can be solved in a wired fashion, of course).
Regards
Giorgio
--
Giorgio Pioda - Sysadmin SPSE-Tenero
Cell +41 79 629 20 63
Uff. +41 91 735 62 48
Reply to: