Configure an Extreme Networks device as a RADIUS Server.
Use this task to add an Active Directory to an Extreme Networks device acting as a
RADIUS Server.
-
Enter a name.
-
Enter the Windows domain name that the RADIUS authentication server and Active
Directory server both belong to, including parent domains, such as .com, .net,
and .org
-
Select Auto to enable the Active Directory and
ExtremeCloud IQ to automatically supply the Active Directory Server and the base
distinguished name parameters.
-
From the drop-down list, choose a previously-defined IP object or host name for
the Active Directory Server that contains the user
accounts the RADIUS authentication server will authenticate.
If you do not see the one that you need listed, select
New and enter an IP object or host name.
-
Enter the base distinguished name, or the starting point for directory server
searches, and the point in the directory tree structure where the server stores
user accounts.
-
If you selected Manual, enter a Short Domain
Name.
-
If you selected Manual, enter the
Realm name that corresponds to the user account
location, which is often the same as the domain name.
-
Set the organizational unit (OU)
where the Extreme Networks RADIUS server has privileges to add itself as a
computer in the domain or leave it blank.
Note
By default, the RADIUS
server attempts to add itself into
Computers
unless you specify a computer-ou here. Because you might not want to give a
device access to the Computers container, you can create your own OU and
give the device user permissions to create computers (that is, to add
itself) to the specified OU. For example, the computer OU might be
wireless/APs
.
-
Select Enable TLS Encryption to encrypt the user look-up
requests that the Extreme Networks RADIUS server sends to the Active Directory
server.
-
Select NEXT.
-
Select a DNS Server or select plus to create a new
one.
-
Select NEXT.
Continue configuring the server.