#48 DaloRADIUS/FreeRADIUS integration with LDAP/Active Directory to authenticate Windows domain accounts and get access to the devices authenticated with the same RADIUS Server.

v1.0_(example)
open
None
1
2016-10-07
2016-09-14
Misagh
No

I have installed the DaloRADIUS and FreeRADIUS applications and they are running on our servers. I have configured DaloRADIUS to authenticate our devices like Cisco, Cambium, Juniper, Dragonwave, ... and they are authenticating successfully based on the username/password. We have configured and made the NAS and dictionaries for each device separately. We want to integrate our current RADIUS server with our Windows Active Directory and have each technician authenticate to our RADIUS server with their own Windows LDAP/Active Directory username/password and get access to log in to all the devices we have in our RADIUS server with their own Windows domain accounts. I mean that when they want to log in to any device we have configured in our RADIUS, on the login page they use their own domain username/password instead of the device username/password we have created in our RADIUS server. This configuration helps us use fewer credential accounts for each person instead of using a different username/password for each device individually. We need your help on what the procedure for it is and how we can do that.

I have installed slapd, samba, and winbind, but I need to make sure what the correct procedure, configuration and implementation for this plan are.

Discussion

  • Liran Tal

    Liran Tal - 2016-09-16

    To be honest, if you plan to connect your RADIUS server to an LDAP then I don't think you have anything to do with daloRADIUS. That's because dalo knows how to manage users based in MySQL. If users are managed over LDAP then dalo doesn't really have any point in this kind of setup.

     
  • Anonymous

    Anonymous - 2016-09-22

    Hi Liran,

    Thanks for your prompt reply. We want to connect our devices like Cisco, Juniper, ... to have access to our Dalo. Besides that, we want to integrate Dalo with Active Directory to give our technicians the ability to log in with their Windows domain username and password and get access to those Cisco and Juniper devices and configure them. Instead of using a different unique username and password for each device, each technician has access to all devices with only his/her domain username and password. Would you please guide me about this possibility?

    Thanks,
    Misagh

     
  • Misagh

    Misagh - 2016-09-28

    Hi Liran,

    Thanks for your prompt reply. We want to connect our devices like Cisco, Juniper, ... to have access to our Dalo. Besides that, we want to integrate Dalo with Active Directory to give our technicians the ability to log in with their Windows domain username and password and get access to those Cisco and Juniper devices and configure them. Instead of using a different unique username and password for each device, each technician has access to all devices with only his/her domain username and password. Would you please guide me about this possibility?

    Thanks,

     
  • Liran Tal

    Liran Tal - 2016-10-07

    LDAP is beyond the scope of daloRADIUS, mainly because dalo is very much based on the MySQL database for storing user/pass etc., while LDAP is another type of storage if you think about it.
    So I don't have any guidance on that, but that's not to say this is impossible, just that it's probably a less common way of working with daloRADIUS.

     
