Skip to content
Permalink
Browse files

More reorg

  • Loading branch information
arr2036 committed Sep 22, 2019
1 parent 20ab1f8 commit 339a1e318ef61d309b01a60aa5da15b92988c4f4
Showing with 33 additions and 33 deletions.
  1. +1 −1 doc/antora/modules/ROOT/nav.adoc
  2. +1 −1 doc/antora/modules/ROOT/pages/modules/ldap_authentication.adoc
  3. +18 −18 doc/antora/modules/howto/nav.adoc
  4. 0 doc/antora/modules/howto/pages/modules/index.adoc
  5. 0 doc/antora/modules/howto/pages/modules/{chap.adoc → rlm/chap/index.adoc}
  6. 0 doc/antora/modules/howto/pages/modules/{eap.adoc → rlm/eap/index.adoc}
  7. 0 doc/antora/modules/howto/pages/modules/{expiration.adoc → rlm/expiration/index.adoc}
  8. 0 doc/antora/modules/howto/pages/modules/{krb5.adoc → rlm/krb5/index.adoc}
  9. 0 doc/antora/modules/howto/pages/modules/{rlm_ldap → rlm/ldap}/accounting.adoc
  10. 0 doc/antora/modules/howto/pages/modules/{rlm_ldap → rlm/ldap}/authentication.adoc
  11. 0 doc/antora/modules/howto/pages/modules/{rlm_ldap → rlm/ldap}/authorization.adoc
  12. +3 −3 doc/antora/modules/howto/pages/modules/{rlm_ldap → rlm/ldap}/configuration.adoc
  13. 0 doc/antora/modules/howto/pages/modules/{rlm_ldap → rlm/ldap}/docker.adoc
  14. +10 −10 doc/antora/modules/howto/pages/modules/{rlm_ldap → rlm/ldap}/index.adoc
  15. 0 doc/antora/modules/howto/pages/modules/{rlm_ldap → rlm/ldap}/ldapsearch.adoc
  16. 0 doc/antora/modules/howto/pages/modules/{mschap.adoc → rlm/mschap/index.adoc}
  17. 0 doc/antora/modules/howto/pages/modules/{pam.adoc → rlm/pam/index.adoc}
  18. 0 doc/antora/modules/howto/pages/modules/{passwd.adoc → rlm/passwd/index.adoc}
  19. 0 doc/antora/modules/howto/pages/modules/{python.adoc → rlm/python/index.adoc}
  20. 0 doc/antora/modules/howto/pages/modules/{soh.adoc → rlm/soh/index.adoc}
  21. 0 doc/antora/modules/howto/pages/modules/{sql.adoc → rlm/sql/index.adoc}
  22. 0 doc/antora/modules/howto/pages/modules/{sqlcounter.adoc → rlm/sqlcounter/index.adoc}
  23. 0 doc/antora/modules/howto/pages/modules/{sqlippool.adoc → rlm/sqlippool/index.adoc}
@@ -1,4 +1,4 @@
* xref:index.adoc[Introduction]
** xref:aaa.adoc[AAA]
** xref:modules/rlm_ldap/index.adoc[LDAP]
** xref:modules/rlm/ldap/index.adoc[LDAP]
*** xref:modules/ldap_authentication.adoc[LDAP]
@@ -41,7 +41,7 @@ involves giving the FreeRADIUS "read-only" user permission to read the
`userPassword` field.

Again, the best method is to test authentication is with the
xref:modules/rlm_ldap/search[ldapsearch] tool. These tests *must* be
xref:modules/rlm/ldap/search[ldapsearch] tool. These tests *must* be
run prior to configuring FreeRADIUS. We strongly recommend having the
LDAP database return the `userPassword` field to FreeRADIUS, so that
FreeRADIUS can authenticate the user.
@@ -1,23 +1,23 @@
* xref:index.adoc[Howto Guides]
** xref:modules/index.adoc[Modules]
*** xref:modules/configuring_modules.adoc[Configuring Modules]
*** xref:modules/chap.adoc[CHAP]
*** xref:modules/RADIUS-LDAP-eDirectory.adoc[RADIUS-LDAP-eDirectory]
*** xref:modules/eap.adoc[EAP]
*** xref:modules/expiration.adoc[Expiration]
*** xref:modules/krb5.adoc[Krb5]
*** xref:modules/rlm_ldap/index.adoc[LDAP]
**** xref:modules/rlm_ldap/search[Testing with ldapsearch]
**** xref:modules/rlm_ldap/configuration[Configuration]
**** xref:modules/rlm_ldap/docker[Docker]
*** xref:modules/mschap.adoc[MS-CHAP]
*** xref:modules/pam.adoc[PAM]
*** xref:modules/passwd.adoc[Passwd]
*** xref:modules/python.adoc[Python]
*** xref:modules/soh.adoc[SoH]
*** xref:modules/sql.adoc[SQL]
*** xref:modules/sqlcounter.adoc[SQL-Counter]
*** xref:modules/sqlippool.adoc[SQL-IP-Pool]
*** xref:modules/configuring_modules/index.adoc[Configuring Modules]
*** xref:modules/rlm/chap/index.adoc[CHAP]
*** xref:modules/rlm/RADIUS-LDAP-eDirectory/index.adoc[RADIUS-LDAP-eDirectory]
*** xref:modules/rlm/eap/index.adoc[EAP]
*** xref:modules/rlm/expiration/index.adoc[Expiration]
*** xref:modules/rlm/krb5/index.adoc[Krb5]
*** xref:modules/rlm/ldap/index.adoc[LDAP]
**** xref:modules/rlm/ldap/search[Testing with ldapsearch]
**** xref:modules/rlm/ldap/configuration[Configuration]
**** xref:modules/rlm/ldap/docker[Docker]
*** xref:modules/rlm/mschap/index.adoc[MS-CHAP]
*** xref:modules/rlm/pam/index.adoc[PAM]
*** xref:modules/rlm/passwd/index.adoc[Passwd]
*** xref:modules/rlm/python/index.adoc[Python]
*** xref:modules/rlm/soh/index.adoc[SoH]
*** xref:modules/rlm/sql/index.adoc[SQL]
*** xref:modules/rlm/sqlcounter/index.adoc[SQL-Counter]
*** xref:modules/rlm/sqlippool/index.adoc[SQL-IP-Pool]
** Vendors
*** xref:vendors/ascend.adoc[Ascend]
*** xref:vendors/bay.adoc[Bay]
No changes.
@@ -1,14 +1,14 @@
= Basic configuration for rlm_ldap
The configuration step should be little more than copying the parameters used by
xref:modules/rlm_ldap/ldapsearch.adoc[ldapsearch] to the
xref:modules/rlm/ldap/ldapsearch.adoc[ldapsearch] to the
xref:raddb:mods-available/ldap.adoc[ldap module] configuration file.

The xref:raddb:mods-available/ldap.adoc[ldap module] configuration file
describes the configuration parameters accepted by the module, and what they do.
This document explains how to perform testing with the LDAP module.

Before configuring the LDAP module, the LDAP parameters should first be
validated via the xref:modules/rlm_ldap/search[`ldapsearch`] command-line tool.
validated via the xref:modules/rlm/ldap/search[`ldapsearch`] command-line tool.

include::howto:partial$pre_test.adoc[]

@@ -19,7 +19,7 @@ possible in the default configuration. The defaults are usually close
to being correct. All that is necessary is to make minor changes, and
_test_ them. FreeRADIUS should look for data.

If the xref:modules/rlm_ldap/search[`ldapsearch`] tests above pass,
If the xref:modules/rlm/ldap/search[`ldapsearch`] tests above pass,
then the LDAP module configuration can be copied directly from the
command-line options to that tool:

@@ -13,7 +13,7 @@ concepts], as these concepts will not be covered in FreeRADIUS documentation.
====
In an Microsoft Active Directory environment you should use `rlm_winbind` for
authentication, and `rlm_ldap` for group membership checks as described in
xref:modules/rlm_ldap/authorization.adoc[authorization] section of this tuorial.
xref:modules/rlm/ldap/authorization.adoc[authorization] section of this tuorial.
The WinBind protocol does not support the full range of group checks that is
possible with LDAP.
====
@@ -30,7 +30,7 @@ users, groups, and possibly clients. We highly recommend using
https://www.openldap.org/[OpenLDAP] for both its flexibility and performance.

If there is not an existing local LDAP server, then it is possible to provision
one using a xref:modules/rlm_ldap/docker.adoc[docker] image, or alternatively,
one using a xref:modules/rlm/ldap/docker.adoc[docker] image, or alternatively,
if you're using a Debian or RHEL based distribution, using the OpenLDAP LTB
https://ltb-project.org/documentation/openldap-rpm[RPMs] or
https://ltb-project.org/documentation/openldap-deb[DEBs].
@@ -45,15 +45,15 @@ where a high level of redundancy is required.
=== 2. Testing

Once an LDAP server is available, it should be tested via the command-line
xref:modules/rlm_ldap/ldapsearch.adoc[ldapsearch] tool. This is to ensure that
xref:modules/rlm/ldap/ldapsearch.adoc[ldapsearch] tool. This is to ensure that
the LDAP server has been configured correctly. If testing via `ldapsearch`
fails, then that *MUST* those issues must be resolved before configuring
FreeRADIUS.

=== 3. Configuring the LDAP module

Once the xref:modules/rlm_ldap/ldapsearch.adoc[ldapsearch] validation tests pass, the
next step is to xref:modules/rlm_ldap/configuration.adoc[configure the LDAP module].
Once the xref:modules/rlm/ldap/ldapsearch.adoc[ldapsearch] validation tests pass, the
next step is to xref:modules/rlm/ldap/configuration.adoc[configure the LDAP module].

OpenLDAP configuration examples detailing how to install appropriate schemas and
populate the server with test data will be provided a the beginning of each
@@ -67,30 +67,30 @@ reference for all the configuration items available for the rlm_ldap module.

=== Authentication

xref:modules/rlm_ldap/authentication.adoc[LDAP authentication] provides
xref:modules/rlm/ldap/authentication.adoc[LDAP authentication] provides
examples of configuring different methods of LDAP based authentication
(search, bind, edir).

=== Authorization

xref:modules/rlm_ldap/authorization.adoc[LDAP authorization] covers
xref:modules/rlm/ldap/authorization.adoc[LDAP authorization] covers
authorization by group, enabling/disabling accounts using attributes, LDAP
attribute to FreeRADIUS attribute mappings, and LDAP profiles.

=== Accounting

xref:modules/rlm_ldap/authorization.adoc[LDAP accounting] shows examples of updating
xref:modules/rlm/ldap/authorization.adoc[LDAP accounting] shows examples of updating
objects in LDAP after authentication completes, or when accounting data is received.

=== Dynamic client definitions

xref:modules/rlm_ldap/authorization.adoc[LDAP dynamic clients] demonstrates how
xref:modules/rlm/ldap/authorization.adoc[LDAP dynamic clients] demonstrates how
client defintions can be created on the fly as packets are received from an
unknown source.

=== Expansion and map functions

xref:modules/rlm_ldap/expansions_and_maps.adoc[LDAP expansions and maps]
xref:modules/rlm/ldap/expansions_and_maps.adoc[LDAP expansions and maps]
provides examples of implementing unlang policies using LDAP `map` and string
expansions.

0 comments on commit 339a1e3

Please sign in to comment.
You can’t perform that action at this time.