[Freeipa-users] connecting freeipa server with free radius
John Dennis
jdennis at redhat.com
Mon Aug 24 16:22:52 UTC 2009
On 08/24/2009 12:07 PM, Rachid Zarouali wrote:
> hello :)
> does anyone has successfully connected freeipa server with a radius server ?
> if so , is there any howto/doc?.... that may help me doing it myself ?
Supporting radius is on our roadmap, but won't likely be part of v2. Our
plan is to use FreeRADIUS. Connecting IPA and FreeRADIUS in a basic
configuration is not difficult if all you want to do is PAP (just enable
the krb5 module). However supporting 802.1 as well as Windows
supplicants is likely to require some work on our end. There is also the
issue of Web GUI support for radius management and desirable features
such as group membership tests, time of day authorization, authorization
based on NAS type and location (e.g. VPN vs. wireless, etc.), revocation
of access (CoA), bandwidth controls, etc. These complications are
reasons why Radius is lower on our priority list.
However, one thing which will help us is getting a better understanding
of out the hundreds of ways radius can be deployed and managed which are
the ones are most important to support.
What do you want in terms of radius support from IPA?
Would you be willing to contribute to this area?
--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list