Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
technical:ldap-integration [2025/02/15 06:59] – [Introduction] system | technical:ldap-integration [2025/02/15 21:00] (current) – system | ||
---|---|---|---|
Line 8: | Line 8: | ||
====== Introduction ====== | ====== Introduction ====== | ||
- | * RADIUSdesk has become a popular choice for enterprise deployments due to its flexibility and user friendly | + | * RADIUSdesk has become a popular choice for enterprise deployments due to its flexibility and a user-friendly |
- | * We now also offer our enterprise customers the option of LDAP integration for managing | + | * We now also offer our enterprise customers the option of LDAP integration for managing |
- | * In this document we will cover the configuration and testing of LDAP integration in RADIUSdesk. | + | * In this document, we will cover the configuration and testing of LDAP integration in RADIUSdesk. |
- | <alert type=" | + | ----------------- |
- | * To switch between Clouds; there is a **Cloud** selector at the top right. | + | |
- | * There is a dedicated page on how clouds work in RADIUSdesk. | + | |
- | </ | + | |
- | ===== Overview ===== | + | |
- | | + | ====== Required Packages ====== |
- | * There is a view for the networks | + | |
+ | * In the past we used the Auth **Component** which is now being replaced by the Authentication | ||
+ | * The rdcore git code from 15 February onward will have the Authentication plugin included and active. | ||
+ | * To add LDAP capability you also need to install the LDAP php library on the system hosting RADIUSdesk. | ||
+ | <code bash> | ||
+ | sudo apt-get install php-ldap | ||
+ | </ | ||
- | ---------- | + | ----------------- |
- | ===== Users ===== | + | ====== LDAP Authentication Process ====== |
- | * In this section, you manage the RADIUS users and include | + | |
- | * Permanent Users | + | |
- | * Vouchers | + | |
- | * BYOD | + | |
- | * Activity Viewer | + | |
- | * Top-Ups | + | |
- | ===== RADIUS | + | ===== Bind (Initial Connection) |
- | * This section contains all elements related to RADIUS users (previous section) | + | |
- | * RADIUS Clients | + | |
- | * Profiles | + | |
- | * Realms | + | - **Bind response:** If the credentials are valid, the server responds with a bind response, indicating a successful connection. |
- | ----------------- | + | ===== Search |
- | ===== Network | + | |
- | * In this section you manage | + | |
- | * MESHdesk | + | |
- | | + | |
- | | + | |
- | | + | |
- | * New Arrivals | + | |
- | ---------------- | + | ===== Bind on Search Result with Password |
- | + | | |
- | ===== Login Pages ===== | + | - **Client extracts DN:** The client extracts |
- | * In this section you will find the dynamic login pages that can be used by the RADIUS | + | - **Bind request with DN and password:** The client sends a new bind request to the server, using the extracted DN and the user-provided password. |
+ | - **Server authenticates: | ||
+ | - **Bind response:** If the credentials are valid, the server responds with a bind response, indicating a successful authentication. | ||
---------- | ---------- | ||
- | ===== Other ===== | + | ---------- |
- | * This section contains | + | ====== Configure LDAP ====== |
- | * Settings (root users only) | + | * LDAP Integration is configured under the settings tab. |
- | * Clouds | + | * One item that needs a bit more explanation is Filter. |
- | * Admins | + | * The filter contains a special character |
- | * Hardware | + | * For active directory it will typically be **(& |
- | | + | * This filter will be applied when searching to find the DN of the user who needs to be authenticated. |
- | | + | |
- | | + | <panel type=" |
- | * Accel-ppp Servers | + | {{: |
- | + | </ | |
- | + | ||
+ | --------- | ||
+ | ====== Test LDAP Settings ====== | ||
+ | * There is also a **Test LDAP Settings** Button that helps you to test the LDAP settings to ensure they work as intended. | ||
+ | * The tests that will be done will be matching the **LDAP Authentication Process** described earlier on this page. | ||
+ | <panel type=" | ||
+ | {{: | ||
+ | </ | ||