RADIUS fails after upgrade from Mac OS X 10.8 server to 10.9 Server

  • 2
  • Question
  • Updated 2 years ago
  • Answered
  • (Edited)
I just updated my Mac OS X server from 10.8.5 (Mountain Lion) to 10.9.3 (Mavericks) Server. Sam had helped me configure RADIUS authentication in 10.8.5 but with the upgrade to 10.9.3, RADIUS has stopped responding. When I use the RADIUS Server Access Test from Hive Manager, I get the error message: The connection attempt to the server timed out.

When I look at the radiusd log in console, I see:

2014-06-20 15:32:57 +0000 - radiusconfig -getconfigxml 

/Library/Server/Previous/private/etc/raddb2014-06-20 15:32:58 +0000 - radiusconfig -installcerts 

/etc/certificates/bravo.bartcharter.org.4D6642EC0CC841A1757C8379A458FDEE7D96C387.key.pem 

/etc/certificates/bravo.bartcharter.org.4D6642EC0CC841A1757C8379A458FDEE7D96C387.cert.pem 

/etc/certificates/bravo.bartcharter.org.4D6642EC0CC841A1757C8379A458FDEE7D96C387.concat.pem

2014-06-20 15:32:58 +0000 - command: /usr/bin/openssl dhparam -check **** -5 1024 -out /Library/Server/radius/raddb/certs/dh

2014-06-20 15:33:25 +0000 - openssl command output:
Generating DH parameters, 1024 bit long safe prime, generator 5

This is going to take a long time

2014-06-20 15:33:25 +0000 - command: /usr/bin/openssl rand -out **** 1024

2014-06-20 15:33:25 +0000 - radiusconfig -setcertpassword

2014-06-20 15:33:25 +0000 - radiusconfig -start
 
and then...nothing.

Anyone have any ideas?

Christopher
Photo of Christopher Tawes

Christopher Tawes

  • 39 Posts
  • 4 Reply Likes

Posted 4 years ago

  • 2
Photo of Brian Ambler

Brian Ambler

  • 245 Posts
  • 126 Reply Likes
I vaguely recall a phone conversation with Sam where he mentioned that things changed from 10.8 to 10.9; perhaps he will see this thread and chime in as I have forgotten the specifics. I will try reaching out to him and see if I can confirm.
Photo of Christopher Tawes

Christopher Tawes

  • 39 Posts
  • 4 Reply Likes
as a followup: 

bravo:~ bartadmin$ radiusd -XFreeRADIUS Version 2.2.0, for host i386-apple-darwin13.0, built on May 13 2014 at 17:28:11
Copyright (C) 1999-2012 The FreeRADIUS server project and contributors. 
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A 
PARTICULAR PURPOSE. 
You may redistribute copies of FreeRADIUS under the terms of the 
GNU General Public License v2. 
Starting - reading configuration files ...
including configuration file /Library/Server/radius/raddb/radiusd.conf
including configuration file /Library/Server/radius/raddb/proxy.conf
including configuration file /Library/Server/radius/raddb/clients.conf
including files in directory /Library/Server/radius/raddb/modules/
including configuration file /Library/Server/radius/raddb/modules/acct_unique
including configuration file /Library/Server/radius/raddb/modules/always
including configuration file /Library/Server/radius/raddb/modules/attr_filter
including configuration file /Library/Server/radius/raddb/modules/attr_rewrite
including configuration file /Library/Server/radius/raddb/modules/cache
including configuration file /Library/Server/radius/raddb/modules/chap
including configuration file /Library/Server/radius/raddb/modules/checkval
including configuration file /Library/Server/radius/raddb/modules/counter
including configuration file /Library/Server/radius/raddb/modules/cui
including configuration file /Library/Server/radius/raddb/modules/detail
including configuration file /Library/Server/radius/raddb/modules/detail.example.com
including configuration file /Library/Server/radius/raddb/modules/detail.log
including configuration file /Library/Server/radius/raddb/modules/dhcp_sqlippool
including configuration file /Library/Server/radius/raddb/sql/mysql/ippool-dhcp.conf
including configuration file /Library/Server/radius/raddb/modules/digest
including configuration file /Library/Server/radius/raddb/modules/dynamic_clients
including configuration file /Library/Server/radius/raddb/modules/echo
including configuration file /Library/Server/radius/raddb/modules/etc_group
including configuration file /Library/Server/radius/raddb/modules/exec
including configuration file /Library/Server/radius/raddb/modules/expiration
including configuration file /Library/Server/radius/raddb/modules/expr
including configuration file /Library/Server/radius/raddb/modules/files
including configuration file /Library/Server/radius/raddb/modules/inner-eap
including configuration file /Library/Server/radius/raddb/modules/ippool
including configuration file /Library/Server/radius/raddb/modules/krb5
including configuration file /Library/Server/radius/raddb/modules/ldap
including configuration file /Library/Server/radius/raddb/modules/linelog
including configuration file /Library/Server/radius/raddb/modules/logintime
including configuration file /Library/Server/radius/raddb/modules/mac2ip
including configuration file /Library/Server/radius/raddb/modules/mac2vlan
including configuration file /Library/Server/radius/raddb/modules/mschap
including configuration file /Library/Server/radius/raddb/modules/ntlm_auth
including configuration file /Library/Server/radius/raddb/modules/opendirectory
including configuration file /Library/Server/radius/raddb/modules/otp
including configuration file /Library/Server/radius/raddb/modules/pam
including configuration file /Library/Server/radius/raddb/modules/pap
including configuration file /Library/Server/radius/raddb/modules/passwd
including configuration file /Library/Server/radius/raddb/modules/perl
including configuration file /Library/Server/radius/raddb/modules/policy
including configuration file /Library/Server/radius/raddb/modules/preprocess
including configuration file /Library/Server/radius/raddb/modules/radrelay
including configuration file /Library/Server/radius/raddb/modules/radutmp
including configuration file /Library/Server/radius/raddb/modules/realm
including configuration file /Library/Server/radius/raddb/modules/redis
including configuration file /Library/Server/radius/raddb/modules/rediswho
including configuration file /Library/Server/radius/raddb/modules/replicate
including configuration file /Library/Server/radius/raddb/modules/smbpasswd
including configuration file /Library/Server/radius/raddb/modules/smsotp
including configuration file /Library/Server/radius/raddb/modules/soh
including configuration file /Library/Server/radius/raddb/modules/sql_log
including configuration file /Library/Server/radius/raddb/modules/sqlcounter_expire_on_login
including configuration file /Library/Server/radius/raddb/modules/sradutmp
including configuration file /Library/Server/radius/raddb/modules/unix
including configuration file /Library/Server/radius/raddb/modules/wimax
including configuration file /Library/Server/radius/raddb/eap.conf
Unable to open file "/Library/Server/radius/raddb/eap.conf": Permission denied
Errors reading or parsing /Library/Server/radius/raddb/radiusd.conf

I imagine the offending line is: unable to open file "/Library/Server/radius/raddb/eap.conf" permission denied.


Photo of Brian Ambler

Brian Ambler

  • 245 Posts
  • 126 Reply Likes
Hi Christopher,

First of all, all credit goes to Sam Keys for doing all of the legwork in writing these guides, but it looks like Apple changed the location of the FreeRADIUS working directory to from /etc/raddb to /Library/Server/radius/raddb.

You can find the updated 1.2 version of the configuration document you mentioned here

Hope this helps
Photo of Sam

Sam

  • 120 Posts
  • 31 Reply Likes
Hi Chris,

Please post the output of this command:

ls -alf /Library/Server/radius/raddb/
Photo of Christopher Tawes

Christopher Tawes

  • 39 Posts
  • 4 Reply Likes
Sam,

bravo:~ bartadmin$ ls -alf /Library/Server/radius/raddb/total 112
drwxr-xr-x  31 root  wheel   1054 Jun 20 11:33 .
drwxr-xr-x   4 root  wheel    136 Jun 20 11:33 ..
-rw-r--r--   1 root  wheel    671 Jun 20 11:26 acct_users
-rw-r--r--   1 root  wheel   4174 Jun 20 11:26 attrs
-rw-r--r--   1 root  wheel    513 Jun 20 11:26 attrs.access_challenge
-rw-r--r--   1 root  wheel    481 Jun 20 11:26 attrs.access_reject
-rw-r--r--   1 root  wheel    437 Jun 20 11:26 attrs.accounting_response
-rw-r--r--   1 root  wheel   2022 Jun 20 11:26 attrs.pre-proxy
drwxr-xr-x  12 root  wheel    408 Jun 20 11:33 certs
-rw-r--r--   1 root  wheel   6714 Jun 20 11:26 clients.conf
-rw-r--r--   1 root  wheel    921 Jun 20 11:26 dictionary
-rw-------   1 root  wheel  22265 Jun 20 11:33 eap.conf
-rwxr-xr-x   1 root  wheel   5105 Jun 20 11:26 example.pl
-rw-r--r--   1 root  wheel  12949 Jun 20 11:26 experimental.conf
-rw-r--r--   1 root  wheel   2352 Jun 20 11:26 hints
-rw-r--r--   1 root  wheel   1604 Jun 20 11:26 huntgroups
-rw-r--r--   1 root  wheel   3218 Jun 20 11:26 ldap.attrmap
drwxr-xr-x  55 root  wheel   1870 May 13 20:29 modules
-rw-r--r--   1 root  wheel   6364 Jun 20 11:26 policy.conf
-rw-r--r--   1 root  wheel   4873 Jun 20 11:26 policy.txt
-rw-r--r--   1 root  wheel    984 Jun 20 11:26 preproxy_users
-rw-r--r--   1 root  wheel  26875 Jun 20 11:26 proxy.conf
-rw-r--r--   1 root  wheel  28041 Jun 20 11:26 radiusd.conf
drwxr-xr-x  21 root  wheel    714 May 13 20:28 sites-available
drwxr-xr-x   5 root  wheel    170 Jun 20 11:26 sites-enabled
drwxr-xr-x   8 root  wheel    272 May 13 20:29 sql
-rw-r--r--   1 root  wheel   3057 Jun 20 11:26 sql.conf
-rw-r--r--   1 root  wheel   2475 Jun 20 11:26 sqlippool.conf
-rw-------   1 root  wheel      0 Jun 20 11:33 sqlite_radius_client_database
-rw-r--r--   1 root  wheel   3597 Jun 20 11:26 templates.conf
-rw-r--r--   1 root  wheel   6846 Jun 20 11:26 users


Photo of Sam

Sam

  • 120 Posts
  • 31 Reply Likes
Permissions are wrong for eap.conf

Type sudo chmod 644 /Library/Server/radius/raddb/eap.conf
Photo of Christopher Tawes

Christopher Tawes

  • 39 Posts
  • 4 Reply Likes
Sam,

After that change I get:

Starting - reading configuration files ...

including configuration file /Library/Server/radius/raddb/radiusd.conf

including configuration file /Library/Server/radius/raddb/proxy.conf

including configuration file /Library/Server/radius/raddb/clients.conf

including files in directory /Library/Server/radius/raddb/modules/

including configuration file /Library/Server/radius/raddb/modules/acct_unique

including configuration file /Library/Server/radius/raddb/modules/always

including configuration file /Library/Server/radius/raddb/modules/attr_filter

including configuration file /Library/Server/radius/raddb/modules/attr_rewrite

including configuration file /Library/Server/radius/raddb/modules/cache

including configuration file /Library/Server/radius/raddb/modules/chap

including configuration file /Library/Server/radius/raddb/modules/checkval

including configuration file /Library/Server/radius/raddb/modules/counter

including configuration file /Library/Server/radius/raddb/modules/cui

including configuration file /Library/Server/radius/raddb/modules/detail

including configuration file /Library/Server/radius/raddb/modules/detail.example.com

including configuration file /Library/Server/radius/raddb/modules/detail.log

including configuration file /Library/Server/radius/raddb/modules/dhcp_sqlippool

including configuration file /Library/Server/radius/raddb/sql/mysql/ippool-dhcp.conf

including configuration file /Library/Server/radius/raddb/modules/digest

including configuration file /Library/Server/radius/raddb/modules/dynamic_clients

including configuration file /Library/Server/radius/raddb/modules/echo

including configuration file /Library/Server/radius/raddb/modules/etc_group

including configuration file /Library/Server/radius/raddb/modules/exec

including configuration file /Library/Server/radius/raddb/modules/expiration

including configuration file /Library/Server/radius/raddb/modules/expr

including configuration file /Library/Server/radius/raddb/modules/files

including configuration file /Library/Server/radius/raddb/modules/inner-eap

including configuration file /Library/Server/radius/raddb/modules/ippool

including configuration file /Library/Server/radius/raddb/modules/krb5

including configuration file /Library/Server/radius/raddb/modules/ldap

including configuration file /Library/Server/radius/raddb/modules/linelog

including configuration file /Library/Server/radius/raddb/modules/logintime

including configuration file /Library/Server/radius/raddb/modules/mac2ip

including configuration file /Library/Server/radius/raddb/modules/mac2vlan

including configuration file /Library/Server/radius/raddb/modules/mschap

including configuration file /Library/Server/radius/raddb/modules/ntlm_auth

including configuration file /Library/Server/radius/raddb/modules/opendirectory

including configuration file /Library/Server/radius/raddb/modules/otp

including configuration file /Library/Server/radius/raddb/modules/pam

including configuration file /Library/Server/radius/raddb/modules/pap

including configuration file /Library/Server/radius/raddb/modules/passwd

including configuration file /Library/Server/radius/raddb/modules/perl

including configuration file /Library/Server/radius/raddb/modules/policy

including configuration file /Library/Server/radius/raddb/modules/preprocess

including configuration file /Library/Server/radius/raddb/modules/radrelay

including configuration file /Library/Server/radius/raddb/modules/radutmp

including configuration file /Library/Server/radius/raddb/modules/realm

including configuration file /Library/Server/radius/raddb/modules/redis

including configuration file /Library/Server/radius/raddb/modules/rediswho

including configuration file /Library/Server/radius/raddb/modules/replicate

including configuration file /Library/Server/radius/raddb/modules/smbpasswd

including configuration file /Library/Server/radius/raddb/modules/smsotp

including configuration file /Library/Server/radius/raddb/modules/soh

including configuration file /Library/Server/radius/raddb/modules/sql_log

including configuration file /Library/Server/radius/raddb/modules/sqlcounter_expire_on_login

including configuration file /Library/Server/radius/raddb/modules/sradutmp

including configuration file /Library/Server/radius/raddb/modules/unix

including configuration file /Library/Server/radius/raddb/modules/wimax

including configuration file /Library/Server/radius/raddb/eap.conf

including configuration file /Library/Server/radius/raddb/sql.conf

including configuration file /Library/Server/radius/raddb/sql/sqlite/dialup.conf

including configuration file /Library/Server/radius/raddb/policy.conf

including files in directory /Library/Server/radius/raddb/sites-enabled/

including configuration file /Library/Server/radius/raddb/sites-enabled/control-socket

including configuration file /Library/Server/radius/raddb/sites-enabled/default

including configuration file /Library/Server/radius/raddb/sites-enabled/inner-tunnel

including dictionary file /Library/Server/radius/raddb/dictionary

main {

name = "radiusd"

prefix = "/Applications/Server.app/Contents/ServerRoot/usr"

localstatedir = "/private/var"

sbindir = "/Applications/Server.app/Contents/ServerRoot/usr/sbin"

logdir = "/private/var/log/radius"

run_dir = "/private/var"

libdir = "/Applications/Server.app/Contents/ServerRoot/usr/lib/freeradius"

radacctdir = "/private/var/log/radius/radacct"

hostname_lookups = no

max_request_time = 30

cleanup_delay = 5

max_requests = 1024

pidfile = "/private/var/radiusd.pid"

checkrad = "/Applications/Server.app/Contents/ServerRoot/usr/sbin/checkrad"

debug_level = 0

proxy_requests = yes

 log {

stripped_names = no

auth = no

auth_badpass = no

auth_goodpass = no

 }

 security {

max_attributes = 200

reject_delay = 1

status_server = yes

 }

}

radiusd: #### Loading Realms and Home Servers ####

 proxy server {

retry_delay = 5

retry_count = 3

default_fallback = no

dead_time = 120

wake_all_if_all_dead = no

 }

 home_server localhost {

ipaddr = 127.0.0.1

port = 1812

type = "auth"

secret = "testing123"

response_window = 20

max_outstanding = 65536

require_message_authenticator = yes

zombie_period = 40

status_check = "status-server"

ping_interval = 30

check_interval = 30

num_answers_to_alive = 3

num_pings_to_alive = 3

revive_interval = 120

status_check_timeout = 4

  coa {

irt = 2

mrt = 16

mrc = 5

mrd = 30

  }

 }

 home_server_pool my_auth_failover {

type = fail-over

home_server = localhost

 }

 realm example.com {

auth_pool = my_auth_failover

 }

 realm LOCAL {

 }

radiusd: #### Loading Clients ####

 client localhost {

ipaddr = 127.0.0.1

require_message_authenticator = no

secret = "testing123"

nastype = "other"

 }

radiusd: #### Instantiating modules ####

 instantiate {

 Module: Linked to module rlm_exec

 Module: Instantiating module "exec" from file /Library/Server/radius/raddb/modules/exec

  exec {

wait = no

input_pairs = "request"

shell_escape = yes

  }

 Module: Linked to module rlm_expr

 Module: Instantiating module "expr" from file /Library/Server/radius/raddb/modules/expr

 Module: Linked to module rlm_expiration

 Module: Instantiating module "expiration" from file /Library/Server/radius/raddb/modules/expiration

  expiration {

reply-message = "Password Has Expired  "

  }

 Module: Linked to module rlm_logintime

 Module: Instantiating module "logintime" from file /Library/Server/radius/raddb/modules/logintime

  logintime {

reply-message = "You are calling outside your allowed timespan  "

minimum-timeout = 60

  }

 Module: Linked to module rlm_sql

 Module: Instantiating module "sql" from file /Library/Server/radius/raddb/sql.conf

  sql {

driver = "rlm_sql_sqlite"

server = "localhost"

port = ""

login = "radius"

password = "radpass"

radius_db = "radius"

read_groups = yes

sqltrace = no

sqltracefile = "/private/var/log/radius/sqltrace.sql"

readclients = yes

deletestalesessions = yes

num_sql_socks = 5

lifetime = 0

max_queries = 0

sql_user_name = "%{User-Name}"

default_user_profile = ""

nas_query = "SELECT id,nasname,shortname,type,secret FROM nas"

authorize_check_query = ""

authorize_group_check_query = ""

authorize_group_reply_query = ""

accounting_onoff_query = ""

accounting_update_query = ""

accounting_update_query_alt = ""

accounting_start_query = ""

accounting_start_query_alt = ""

accounting_stop_query = ""

accounting_stop_query_alt = ""

connect_failure_retry_delay = 60

simul_count_query = ""

simul_verify_query = ""

postauth_query = ""

safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"

  }

rlm_sql (sql): Driver rlm_sql_sqlite (module rlm_sql_sqlite) loaded and linked

rlm_sql (sql): Attempting to connect to radius@localhost:/radius

rlm_sql (sql): starting 0

rlm_sql (sql): Attempting to connect rlm_sql_sqlite #0

rlm_sql_sqlite: Opening sqlite database /Library/Server/radius/raddb/sqlite_radius_client_database for #0

rlm_sql_sqlite: sqlite3_open() = 14 

rlm_sql (sql): Failed to connect DB handle #0

rlm_sql (sql): starting 1

rlm_sql (sql): starting 2

rlm_sql (sql): starting 3

rlm_sql (sql): starting 4

rlm_sql (sql): Failed to connect to any SQL server.

rlm_sql (sql): Processing generate_sql_clients

rlm_sql (sql) in generate_sql_clients: query is SELECT id,nasname,shortname,type,secret FROM nas

rlm_sql (sql): Ignoring unconnected handle 4..

rlm_sql (sql): Ignoring unconnected handle 3..

rlm_sql (sql): Ignoring unconnected handle 2..

rlm_sql (sql): Ignoring unconnected handle 1..

rlm_sql (sql): Ignoring unconnected handle 0..

rlm_sql (sql): There are no DB handles to use! skipped 5, tried to connect 0

Failed to load clients from SQL.

rlm_sql (sql): Closing sqlsocket 4

rlm_sql_sqlite: sql_destroy_socket noop. 

rlm_sql (sql): Closing sqlsocket 3

rlm_sql_sqlite: sql_destroy_socket noop. 

rlm_sql (sql): Closing sqlsocket 2

rlm_sql_sqlite: sql_destroy_socket noop. 

rlm_sql (sql): Closing sqlsocket 1

rlm_sql_sqlite: sql_destroy_socket noop. 

rlm_sql (sql): Closing sqlsocket 0

rlm_sql_sqlite: sqlite3_close() = 0 

/Library/Server/radius/raddb/sql.conf[22]: Instantiation failed for module "sql"



Photo of Sam

Sam

  • 120 Posts
  • 31 Reply Likes
Eh... Wonder why SQL is in there. Try removing it.

sudo mv /Library/Server/radius/raddb/sql.conf /Library/Server/radius/raddb/sql.disabled
Photo of Christopher Tawes

Christopher Tawes

  • 39 Posts
  • 4 Reply Likes
after:

including configuration file /Library/Server/radius/raddb/modules/sqlcounter_expire_on_login

including configuration file /Library/Server/radius/raddb/modules/sradutmp

including configuration file /Library/Server/radius/raddb/modules/unix

including configuration file /Library/Server/radius/raddb/modules/wimax

including configuration file /Library/Server/radius/raddb/eap.conf

including configuration file /Library/Server/radius/raddb/sql.conf

Unable to open file "/Library/Server/radius/raddb/sql.conf": No such file or directory

Errors reading or parsing /Library/Server/radius/raddb/radiusd.conf



Photo of Sam

Sam

  • 120 Posts
  • 31 Reply Likes
Email me radiusd.conf please :)
Photo of Sam

Sam

  • 120 Posts
  • 31 Reply Likes
Comment out the inclusion of sql.conf on line 700 by adding a hash (#) in front of it.

Photo of Christopher Tawes

Christopher Tawes

  • 39 Posts
  • 4 Reply Likes
ERROR: Cannot find a configuration entry for module "sql". 
Photo of Sam

Sam

  • 120 Posts
  • 31 Reply Likes
Fixed by commenting out the line in sql.conf 

readclients = yes
Photo of Christopher Tawes

Christopher Tawes

  • 39 Posts
  • 4 Reply Likes
So...Sam took me through a number of files that needed adjustments:
eap.conf
users.conf
radiusd.conf
users
modules.default
sites-enabled.default

It seems that during the upgrade from 10.8.5 to 10.9.3 all of the adjustments we made were reset to the defaults and that broke everything.

Thanks again for all the help!
Photo of Christopher Tawes

Christopher Tawes

  • 14 Posts
  • 2 Reply Likes
We ended up restoring the conf files using a backup. For some reason the 10.8/10.9 upgrade over-wrote the custom settings. 
Photo of Florian Cokl

Florian Cokl

  • 3 Posts
  • 0 Reply Likes
what if you don't have them anymore?!

BTW, are you 100% sure that paths and files haven't changed between 10.8 and 10.9?

Is the freeradius-server-version the same with 10.8 as with 10.9 (2.2.0?)? Would you dare to build and install/upgrade the latest version (3.0.4) of freeradius-server or update to 2.2.5?

How would you remove the current freeradius-server? Must (some) files be removed manually to be 100% sure no orphaned (maybe again problem causing) code is left over?
Photo of Sam

Sam

  • 120 Posts
  • 31 Reply Likes
The paths have changed.

10.8 and below = /etc/raddb

10.9 & 10.10 =  /Library/Server/radius/raddb    

I will email you the latest guide Florian.
Photo of Dennis Phillip

Dennis Phillip

  • 1 Post
  • 0 Reply Likes
How could I get the guide?

I am using OSX10.9.5

Running into problems and trying to figure out how to set up my radius 2.2 to work properly with my Aerohive 230 and hive manager ng.

Called Aerohive Tech support and they did not know who you were or ho to get ahold of you.  They also did not know about the previous guide: 
P/N 330073-01, Rev. A

Thanks for any help you can provide.


Dennis
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Sam Keys no longer works at Aerohive, having moved to Fortinet.
(Edited)
Photo of Marco Verleun

Marco Verleun

  • 6 Posts
  • 0 Reply Likes
The App Store has an easy to use tool to configure Radius on an OS X server: https://itunes.apple.com/nl/app/admin-tool-radius/id627944189?l=en&mt=12
Photo of Florian Cokl

Florian Cokl

  • 3 Posts
  • 0 Reply Likes
How would I log in?! I've tried local accounts, I've tried network-accounts (OD) but no success so far!
Photo of Sam

Sam

  • 120 Posts
  • 31 Reply Likes
We do not recommend unverified third party tools.
Photo of Mark Wade

Mark Wade

  • 1 Post
  • 0 Reply Likes
Hi, i am thinking of setting up RADIUS for my school (using multiple airport extremes). Need to be able to have student permissions (on server) used over wifi (in terms of websites they can access) which is different to staff using same wifi. 

Any manual for setting up this form scratch (never used RADIUS before) - I am using Mavericks Server.

Mark
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Mark,

What you want is not something that is going to work with Apple's Airport Extremes as there's no support in those for the required primitives: dynamic VLAN assignment or user profile assignment to a client's association.

Apple's APs are home user to SMB class so it is out of their scope.

Nick
(Edited)