-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathREADME
More file actions
51 lines (42 loc) · 2.12 KB
/
README
File metadata and controls
51 lines (42 loc) · 2.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
FreeRADIUS (R)ocky (A)ctive (D)irectory (S)cript Builder
A walk-thrgouh can also be seen here:
https://youtu.be/C85jCjzI6-Q
This is a script to allow a Rocky (RHEL) Server (9.x) to become an integrated Radius server to read from AD for 802.1x
The installer will integrate this server into a pre-existing AD environment, via winbind (realmd) and configure itself for
8021.x, local MAC Auth and MAC Auth IPSK in the users file.
####Pre-requisites
You should install Rocky from scratch.
You should make sure the server has a static IP (the script will check).
During your setup, the hostname and domain name that you specify in the GUI installer of Rocky be what you want (pointing to your AD environment).
You do not need to (nor should you) install anything. Just a fresh, minimal install. The insatller will do the rest for you.
The Script will do the following:
Validate that you have a static IP setup. If you do not it will guide you through changing it.
Sets SElinux
Adds Firewall allowances
Enable the Rocky REPOS needed to build
EPEL
CRB
Install the requirements
Modify chrony to point to your AD environment
Download and install all updates
Prompt you for time syncronization
Join the Server to the AD domain
Ask for an AD testing user and password
Configure all files for ntlm_auth and winbind (permissions)
Test with wbinfo -t for RPC calls
Validate it can see AD users and groups
Confirm that it can auth against AD with test user
Validate that MSCHAP is working from localhost.
Bootstrap local certificates for testing
Add examples for MAC auth format and IPSK at the top of the users file
Clean up all the install files (We like to be tidy)
####Sounds great! How do I get it?
Installing
Please see the EASY_INSTALL File
#Installing
#Install Rocky Minimal
#https://rockylinux.org/download/
#Make sure you specify the domain name you want to use for AD.
#After the GUI install:
#(Just copy and paste the following lines on the Rocky terminal)
dnf -y install wget && cd /root && bash <(wget -qO- https://raw.githubusercontent.com/fumatchu/FR-RADS/main/FR-Installer.sh)