Network authentication service (RADIUS)

Zentyal integrates the FreeRADIUS [2] server, the most popular in Linux environments.

[2]http://freeradius.org/

Configuring a RADIUS server with Zentyal

To configure the RADIUS server in Zentyal, you need first to check in ​ Module status ​ if Domain Controller and File Sharing is enabled, because RADIUS depends on this.

You can create group and its users from the menu ​ *Users and Computers > Manage*​ . The configuration options for users and groups are explained in detail in chapter Domain Controller and File Sharing .

Once you have enabled ​ Doamain Controller and File Sharing ​ and you have added groups and users to your system, you need to enable the module in ​ Module status ​ by checking the ​ Radius ​ box in Module Status.

To configure the service, go to ​ RADIUS ​ in the left menu. Here you can define if ​ All users ​ or only the users that belong to a specific group will be able to access the service.

_images/radius-groups.jpg

Authentcation configuration in RADIUS

Then, you can define, what devices are going to send authentication requests to Zentyal, for that, you need to create a new RADIUS client:

_images/radius-new_client.jpg

New client configuration in RADIUS

For each client, you have to define the following:

Enabled:

Indicates if RADIUS client is enabled or not.

Client:

The device’s name used for identificate it.

IP Address:

The IP address or range of IP addresses which the device is allowd to sent requests to RADIUS server.

Shared password:

Password used to authenticate and encrypt the communications between the RADIUS server and the device. This password must be known by both parts.