Archive for the ‘Radius’ Category
One of the things I'm looking into to make the life of those remaining easier when I leave, is whether we should try to migrate (I call it downgrade) from OpenLDAP to Active Directory.
Under normal circumstances, I'd never, ever suggest this, and the only reasons I'm doing it now are:
The organization is deploying a [...]
I spend a good part of my time ensuring that whatever services we offer will be up and running 24/7. Be it an Exim cluster, a failsafe BlackBerry Enterprise Server, MySQL on DRBD, multiple DNS servers, LDAP directory servers, you name it: whatever services we offer are very hard to kill.
Then comes some twerp and [...]
I've updated my whatmon Mozilla extension to include a very useful patch by Heiko Weber which causes whatmon to open a new browser window to display additional information.
Read the documentation and download whatmon or wait a wee bit until it is visible on the Mozilla Addons Site.
Because one of our clients thinks that two Radius servers are not enough, I'm creating a couple of VMware appliances which will be hosting an OpenLDAP-driven FreeRADIUS daemon on them with which we'll be authorizing 802.1x appliances.
Due to the fact that my master OpenLDAP servers (and their slaves) are currently still on version 2.2, I [...]
FreeRADIUS can execute arbitrary programs when an authorization or authentication request arrives from a NAS(Network Access Server), by using the exec module; that is what I've implemented to solve my dilemma.
A stanza
exec jxrad {
wait = yes
program = "/etc/raddb/bin/jxrad %{Stripped-User-Name}"
input_pairs = request config
}
in the modules section as well as an [...]
It is quite incredible what "FreeRadius":http://www.freeradius.org/ can do. At a customer site I've got a server which is doing authentication and authorization (as well as accounting of course) for a number of different NAS, each servicing distinct groups of people. Examples are VPN users, regular dial-up, Wireless with 802.1x and also administrative ssh logins to [...]