Packages can be found in /usr/src/packages/RPMS/
/etc/raddb/modules/ldap
---------------------------------
# LDAP module instance used to look up and authenticate users in eDirectory.
# This file stores the bind password in cleartext: keep it readable only by
# root and the account the RADIUS daemon runs as.
ldap {
server = "servername"
# NOTE(review): this binds as the tree admin. A dedicated service account with
# only the rights this module needs limits the damage if this file or the
# RADIUS host is compromised.
identity = "cn=admin,o=org"
password = thepassword
basedn = "o=org"
# Find the user by uid, using Stripped-User-Name when present and falling
# back to User-Name otherwise.
filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
# Port 636 with tls_mode = yes means TLS from the start of the connection
# (LDAPS), which is why start_tls is "no" in the tls section below.
port = 636
tls_mode = yes
ldap_connections_number = 5
timeout = 4
timelimit = 3
net_timeout = 1
tls {
start_tls = no
# Get this file by exporting the eDirectory CA's self-signed certificate.
# NOTE(review): no require_cert setting is shown here. Confirm that the LDAP
# server certificate is actually verified against this CA (for example with
# require_cert = "demand"); without verification the bind password and the
# retrieved user passwords are exposed to anyone who can intercept the link.
cacertfile = /etc/raddb/certs/rootder.b64
}
dictionary_mapping = ${confdir}/ldap.attrmap
# Attribute the user's password is read from.
# NOTE(review): with eDirectory this presumably means the Universal Password
# is handed to the RADIUS server in recoverable form, so the bind identity
# needs password-retrieval rights. Treat this host and the bind credential
# as highly sensitive - confirm against your password policy.
password_attribute = nspmPassword
# Apply eDirectory account policy (e.g. intruder detection) to RADIUS logins.
edir_account_policy_check = yes
# I allow everyone in my eDir to connect so I don't use the imanager / dial-in access stuff.
# This needs to be "yes" if you do.
# NOTE(review): with "no", any account found by the filter above can
# authenticate; restrict by attribute or group if not every user should
# get network access.
access_attr_used_for_allow = no
# presumably leaves Auth-Type to the EAP modules instead of forcing an LDAP
# bind as the authentication method - confirm
set_auth_type = no
}
/etc/raddb/eap.conf
---------------------------
eap {
# PEAP is the EAP type offered by default.
default_eap_type = peap
# NOTE(review): "default" also covers the server certificate settings in this
# file. If they still point at certificates generated at install time,
# replace them before production use, and configure clients to validate the
# server certificate - PEAP only protects the inner credentials when the
# client verifies who it is talking to.
... # the rest of this file can stay as default
}
/etc/raddb/sites-enabled/inner-tunnel
--------------------------------------------------
uncomment "ldap" in the authorize section
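!!! Note: in version 2.1.8, any ldap entry in the post-auth section causes segfaults, so leave it commented out there for now.
!!! Once this bug is fixed you will want to uncomment ldap in the post-auth section too. Until then, the post-authentication part of the eDirectory account policy check (edir_account_policy_check = yes above) presumably does not run, so verify that account restrictions and lockouts still behave as you expect.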
/etc/raddb/clients.conf
------------------------------
# Every address in 192.168.0.0/24 is accepted as a RADIUS client using this
# one shared secret.
# NOTE(review): use a long, randomly generated secret, and prefer one client
# entry per access point so that a single leaked secret does not cover the
# whole subnet. This file holds the secret in cleartext; restrict its
# permissions in the same way as the ldap module file.
client 192.168.0.0/24 {
secret = somesecretpasswd
shortname = Wireless_AP
}