Network authentication service (RADIUS)

Zentyal integrates the FreeRADIUS [2] server, which is the most widespread in Linux environments.


Configuring a RADIUS server with Zentyal

To configure the RADIUS server in Zentyal, first you need to check in Module status if the Domain Controller and Directory Services module is enabled, because RADIUS depends on this module for user authentication.

You can create a group of users from the menu Users and Computers –> Manage. The configuration options for users and groups are explained in detail in chapter Domain Controller and Directory Services.

Once you have enabled Domain Controller and File Sharing and you have added groups and users to your system, you need to enable the module in ​the Module status by checking the RADIUS box.

To configure the service, go to RADIUS in the left menu. Here you can define if All users or only the users that belong to a specific group will be able to use the service.

Configuration of the groups allowed to use RADIUS

Configuration of the groups allowed to use RADIUS

Next, you can define the devices that are going to send authentication requests to Zentyal. To do this, you need to create a new RADIUS client:

Configuration of a new RADIUS client

Configuration of a new RADIUS client

You have to define the following for each client:

Indicates if RADIUS client is enabled or not.
Name of the device for identification purposes.
IP Address:
The IP address or the range of IP addresses from which it is allowed to send requests to the RADIUS server.
Shared password:
Password used to authenticate and encrypt the communications between the RADIUS server and the device. This password must be known by both parties.