Get zimbra LDAP url and password
zmlocalconfig -s ldap_master_url zimbra_ldap_password
Edit /etc/freeradius/modules/ldap
ldap {
...
server = "ldap_master_url"
identity = "uid=zimbra,cn=admins,cn=zimbra"
password = "zimbra_ldap_password"
basedn = "ou=people,dc=yourHost,dc=yourDomain"
filter = "(mail=%{mschap:User-Name:-%{User-Name}}@*)"
base_filter = "(objectClass=organizationalPerson)"
...
}
Edit /etc/freeradius/sites-available/default
authorize {
...
ldap
...
}
authenticate {
...
Auth-Type LDAP {
ldap
}
...
}
Edit /etc/freeradius/modules/mschap
mschap {
...
use_mppe = yes
require_encryption = yes
require_strong = yes
with_ntdomain_hack = yes
ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{%{Stripped-User-Name}:-%{%{User-Name}:-None}} --challenge=%{%{mschap:Challenge}:-00} --nt-response=%{%{mschap:NT-Response}:-00}"
...
}
Edit /etc/freeradius/eap.conf
eap {
...
default_eap_type = ttls
...
gtc {
...
auth_type = PAP
...
}
ttls {
...
default_eap_type = gtc
...
}
peap {
...
default_eap_type = gtc
...
}
...
}
Edit /etc/freeradius/clients.conf
...
#client IPv4/CIDR4 {
# secret = "[email protected]"
# shortname = ipv4-clients
#}
#client IPv6/CIDR6 {
# secret = "[email protected]"
# shortname = ipv6-clients
#}
client 0.0.0.0/0 {
secret = "[email protected]"
shortname = ipv4-clients
}
client ::/0 {
secret = "[email protected]"
shortname = ipv6-clients
}
Restart freeradius service
systemctl restart radiusd
Kawin Viriyaprasopsook
System administrator at Zercle Technology Co., Ltd.
System admin กากๆ
รักในการเล่นเกม
ชอบดู Anime ญี่ปุ่น
รักในการเล่นเกม
ชอบดู Anime ญี่ปุ่น
Latest posts by Kawin Viriyaprasopsook (see all)
- Kernel tuning for linux server - 2019-03-28
- [Workaround] Override docker systemd service - 2019-01-04
- Use LZ4 with tar for compress multiple directories - 2018-12-15