Alexander Bokovoy abbra
abbra
/ FreeRadius + FreeIPA
Last active
June 6, 2024 10:00
— forked from tiran/FreeRadius + FreeIPA
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Assuming that HOSTNAME is enrolled to IPA realm already, | |
| # run the following on HOSTNAME where RADIUS server will be deployed | |
| # In FreeIPA 4.6+ host principal has permissions to create own services | |
| kinit -k | |
| ipa service-add 'radius/HOSTNAME' | |
| # create keytab for radius user | |
| ipa-getkeytab -p 'radius/HOSTNAME' -k /etc/raddb/radius.keytab | |
| chown root:radiusd /etc/raddb/radius.keytab | |
| chmod 640 /etc/raddb/radius.keytab |