Novell Home

A New Way to Run RADIUS

Novell Cool Solutions: Tip

Digg This - Slashdot This

Posted: 30 Sep 2004
 

Did you know there's a way to use NMAS RADIUS without also running BorderManager 3.8 or eDirectory 8.7.3? Here's a tip sent in by reader Stuart Park explaining how to do that very thing.


Note: Before you begin, download the BorderManager 3.8 evaluation from Novell's download site. The user must have Admin rights to the tree and the security container.

eDirectory Setup

  1. View the properties of the Login Policy Object from ConsoleOne (in the Security container). If one of the tabs is an evaluation tab, this is a good indication that NMAS has not been fully set up.
  2. If NMAS has not been setup (either through running the BorderManager 3.8 install or eDirectory 8.7.3 install), then run the following from a server console: nmasinst -m <admin.org> <password>


  3. This will update the NMAS and Login Policy Object with the correct attributes. For the output log check SYS:\ETC\NMAS\NMASInst.log. The evaluation tab on the Login Policy Object will disappear.

  4. Use NMAS snapins for ConsoleOne from BorderManager 3.8, not from the Novell download site. The NMAS snapins from the download site will not create the RADIUS object correctly and may hang ConsoleOne.
  5. Create a dialup access object (DAS) using ConsoleOne.
  6. Configure the necessary clients.
  7. Set up rules in the Login Policy Object using ConsoleOne. (Note that rules set in NWAdmin will not show in ConsoleOne and vica versa.)
  8. Select the created DAS object.

Server Setup

  1. Copy the RADIUS.NLM and BAUTHPXY.NLM files from the BorderManager 3.8 install into SYS:\SYSTEM\
  2. Create NCF files to start and stop RADIUS.


  3. For example:

    RADUP.NCF

    load bauthpxy
    load radius.nlm name=.das_object.org password=radius_password

    RADDN.NCF

    unload radius
    unload bauthpxy

  4. Start RADIUS. If accounting is enabled (by default), an error will appear.
  5. Stop RADIUS. The RADIUS directory structure will be created under the server's SYS:\ETC\ directory.
  6. From the BorderManager 3.8 install, copy the RADACCT.ATR file into SYS:\ETC\RADIUS\
  7. Restart RADIUS. The previous error will not appear again.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell