Novell Home

Token-based iChain Installation

Novell Cool Solutions: Tip
By Wayne Doust

Digg This - Slashdot This

Posted: 9 Aug 2006
 

Problem

A Forum reader recently asked the following question:

"I'm trying to use a token with iChain, for which I need to install a RADIUS module on my NetWare 6.5 SP5 server. The docs indicate that this is part of NMAS, but the NMAS installation does not offer it as an option!"

And here's a suggestion from Wayne Doust ...

Solution

I've recently completed a token-based installation of iChain. You MUST upgrade to eDirectory 8.7.3.8 and apply ssp201.tgz to the server you want to authenticate to with RADIUS.

RADIUS comes on the iChain authentication server CD under the NMAS directory. It's buried in there somewhere ... You will also need to install the snapins for ConsoleOne.

A trap that I got caught in was trying to apply the RADIUS attribute details for the RADIUS Profile at the container level. If you do this, RADIUS will not work. Simply leave the RADIUS Profile at [DEFAULT]. Do not specify the FDN at the container level; do it in the Profile only.

You will need to get NTRADPING to test and debug Radius - it is invaluable. I spent many late nights debugging my setup, and without this tool it would have been impossible. To download this tool, see:
http://www.novell.com/coolsolutions/tools/14377.html

To debug radius, after it has succesfully loaded type:

RADIUS DEBUG ON
RADIUS DEBUGLOG ON
RADIUS REFRESHCACHE


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell