FreeRADIUS and LDAP

Installation

apt-get install freeradius freeradius-ldap

Configuration (minimal; does not cover importing openldap.schema)

Edit /etc/freeradius/modules/ldap

 ldap {
     server = "localhost"
     # DN and password FreeRADIUS binds with to search the directory
     identity = "cn=manga,ou=systemaccount,dc=example,dc=org"
     password = yourpass
     basedn = "dc=example,dc=org"
     # look the user up by uid
     filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
     access_attr = "uidNumber"
 }

TLS support

Edit /etc/freeradius/modules/ldap

 tls {
     start_tls = yes
     # "never" skips verification of the LDAP server's certificate
     require_cert = "never"
 }
 

Edit /etc/freeradius/sites-enabled/default

Uncomment:

ldap

Auth-Type LDAP {
    ldap
}

Edit /etc/freeradius/sites-enabled/inner-tunnel

Uncomment:

ldap

Auth-Type LDAP {
    ldap
}

 

/etc/init.d/freeradius restart

Testing

radtest Luffy onepiece3001 localhost 18120 testing123
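
An added example, not part of the original post or of FreeRADIUS: a small Python check that parses the ldap module file and flags tls settings, such as the require_cert = "never" used above, that leave the LDAP server's certificate unverified. The sample configs are constructed, and the cacertfile path in the hardened one is a placeholder.

```python
import re

OPEN = re.compile(r'^([\w-]+)(?:\s+[\w-]+)?\s*\{$')          # "ldap {", "tls {"
PAIR = re.compile(r'^([\w-]+)\s*=\s*(?:"([^"]*)"|(\S+))')    # key = "value" | value

# Constructed samples: the page's tls settings, and a hardened variant
# (the cacertfile path is a placeholder, not a value from the page).
PAGE_CONF = '''
ldap {
    server = "localhost"
    tls {
        start_tls = yes
        require_cert = "never"
    }
}
'''
HARDENED_CONF = PAGE_CONF.replace(
    'require_cert = "never"',
    'cacertfile = /path/to/cacert.pem\n        require_cert = "demand"')

def parse_sections(text):
    """Map dotted section paths ("ldap.tls") to their key/value pairs."""
    sections, stack = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        opened, pair = OPEN.match(line), PAIR.match(line)
        if opened:
            stack.append(opened.group(1))
            sections.setdefault(".".join(stack), {})
        elif line == "}" and stack:
            stack.pop()
        elif pair and stack:   # blank and "#" lines match nothing and are skipped
            value = pair.group(2) if pair.group(2) is not None else pair.group(3)
            sections[".".join(stack)][pair.group(1)] = value
    return sections

def audit_ldap_tls(text):
    """Return findings about the ldap module's tls section (empty list = clean)."""
    tls = parse_sections(text).get("ldap.tls", {})
    findings = []
    if tls.get("start_tls", "no").lower() != "yes":
        findings.append("start_tls is not enabled")
    mode = tls.get("require_cert")
    if mode is None:   # policy of this example: require an explicit setting
        findings.append("require_cert is not set explicitly")
    elif mode.lower() in ("never", "allow"):
        findings.append('require_cert = "%s" accepts an unverified server certificate' % mode)
    return findings

if __name__ == "__main__":
    print(audit_ldap_tls(PAGE_CONF), audit_ldap_tls(HARDENED_CONF))
```

To check a live system, pass the contents of /etc/freeradius/modules/ldap to audit_ldap_tls.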

Reference article:

Freeradius with OpenLDAP authentication in Ubuntu 12.04 LTS
