After all the emails (thank you for your help) I have most of my Mac OS X clients authenticating to FreeIPA over wireless. Clients running on a 2014 or newer 10.12.5 and up won't work. I suspect this has to do with the TLS version.
Tell me if I'm approaching this the right way.
I am trying to apply a certificate FROM FreeIPA to FreeRADIUS. I am also trying to register the service within FreeIPA but strugglging with some of the syntax.
I have been following this:
| | FreeIPA: Giving permissions to service accounts. — Firstyear's blog-a-log Firstyear`s blog-a-log | | |
I'm having some trouble adding the privileges and roles:
[andrew.meyer@radius01 ~]$ ipa privilege-add-permission 'Radius service' --permission='Radius Service'
Privilege name: Radius Service
Description: Privileges needed to allow radiusd servers to operate
Failed members:
permission: Radius Service: permission not found
-----------------------------
Number of permissions added 0
-----------------------------
[andrew.meyer@radius01 ~]$ ipa privilege-add-permission 'Radius service' --permission='Radius service'
Privilege name: Radius Service
Description: Privileges needed to allow radiusd servers to operate
Failed members:
permission: Radius service: permission not found
-----------------------------
Number of permissions added 0
-----------------------------
[andrew.meyer@radius01 ~]$ ipa role-add 'Radius server' --desc="Radius server role"
--------------------------
Added role "Radius server"
--------------------------
Role name: Radius server
Description: Radius server role
[andrew.meyer@radius01 ~]$ ipa role-add-privilege --privileges="Radius services" 'Radius server'
Role name: Radius server
Description: Radius server role
Failed members:
privilege: Radius services: privilege not found
----------------------------
Number of privileges added 0
----------------------------
[andrew.meyer@radius01 ~]$