5.1 Prerequisites to Configure eDirectory Users for RADIUS Authentication

  • Download and install the Novell iManager plug-in for RADIUS from the Novell Download site .

    Ensure that you configure the iManager plug-in with an SSL/TLS connection to eDirectory for RADIUS to work with iManager plug-in. For more information, refer to the “Secure LDAP Certificates” in the iManager 2.7.x Administration Guide.

  • Extend the eDirectory schema to add the FreeRADIUS schema. For more information, refer to Extending the eDirectory Schema for RADIUS.

5.1.1 Configuring iManager Plug-In for RADIUS

You need to configure the iManager plug-in with an SSL/TLS connection to eDirectory for RADIUS to work with the iManager plug-in. You can have the RADIUS iManager plug-in and iManager on same machine or on two different machines.

  • If you configure RADIUS iManager plug-in and iManager on same machine, then iManager is configured for SSL/TLS connection to eDirectory by default.

  • If you want to configure the RADIUS iManager plug-in and iManager on different machines, you need to manually configure the iManager for SSL/TLS connection to eDirectory. For more information, refer to the iManager 2.7 Administration Guide.

5.1.2 Extending the eDirectory Schema for RADIUS

There are three possible scenarios for extending the eDirectory schema for RADIUS.

Extending the Schema if a Mapping Already Exists between RADIUS:Profile and rADIUSProfile

  1. In iManager, click the Roles and Tasks button .

  2. Click LDAP > LDAP Options.

  3. Select View LDAP Groups and click the group corresponding to the LDAP server you want to use.

  4. Select Class Map.

  5. Select the RADIUS:Profile to rADIUSProfile mapping.

  6. Click Edit.

  7. Change the primary LDAP class name to anything other than rADIUSProfile, such as novellradiusprofile.

  8. Click Apply.

  9. Refresh the LDAP server.

  10. Click RADIUS > Extend schema for RADIUS.

  11. Click OK.

Extending the Schema if a Mapping Does Not Exist between RADIUS:Profile and rADIUSProfile

  1. In iManager, click the Roles and Tasks button .

  2. Click LDAP > LDAP Options:

  3. Select View LDAP Groups and click the group corresponding to the LDAP server you want to use.

  4. Select Class Map.

  5. Click Add mapping button.

  6. In the eDirectory class drop-down list, select RADIUS:Profile.

  7. Change the primary LDAP class name to anything other than rADIUSProfile, such as novellradiusprofile.

  8. Click OK.

  9. Refresh the LDAP server.

  10. Click RADIUS > Extend schema for RADIUS.

  11. Click OK.

Extending the Schema if a Mapping Already Exists between RADIUS:Profile and Another Attribute

To extend the schema if a mapping already exists between RADIUS:Profile and any name other than rADIUSProfile:

  1. In iManager, click the Roles and Tasks button .

  2. Click RADIUS > Extend schema for RADIUS.

  3. Click OK.