I use this on sme9 to auth my wifi-clients:

** WPA2-Enterprise SME9 **

  • install freeradius-utils
    yum -y install freeradius-utils

  • set hostname in webinterface
    ap01.privat.lan (192.168.xxx.1)

  • set radiuskey
    db hosts setprop ap01.privat.lan RadiusKey my-radiuskey
    signal-event remoteaccess-update

  • mkdir for template
    mkdir -p /etc/e-smith/templates-custom/etc/raddb/users/

  • create file for template
    nano /etc/e-smith/templates-custom/etc/raddb/users/40ldap

  • put this into 40ldap
    DEFAULT Auth-Type := LDAP

  • expand template
    expand-template /etc/raddb/users

  • public status enabled
    db configuration setprop radiusd TCPPort 1812 access public status enabled
    signal-event remoteaccess-update

  • test local on sme9 (password from /etc/raddb/clients.conf)
    radtest admin ‘my-sme9-admin-password’ localhost 10 my-client-pwd-from-clients.conf

I would like to do it the same way on nethserver, is it possible ?
How should the commands looks like ?

1 Like

Last time I evaluated this feature I had a problem with passwords, but it was a long time ago (probably an early alpha of NethServer 6).
I will try to re-evaluate this setup with NethServer 7, but I’m going on vacation soon, I will not be able to work on it.
At first glance, the above commands seem to be valid for NethServer, but I think that the samba accounts provider has better probabilities to work with wpa2.
Let’s sync up at the beginning of May.

OK, May is also good, happy easter to you …

Any suggestions, how this could work on NethServer7 ?

I began working on this last week, but I still have nothing to share ATM.

TNX Filippo…

Still no success authenticating samba AD users through radius.
I’m going to try with ldap as accounts provider.