google / google-authenticator-libpam


Google Authentication via RADIUS in HA #137

Closed rayjohno closed 5 years ago

rayjohno commented 5 years ago

Google PAM to RADIUS+ Active Directory Integration Details:

OBJECTIVE

Request

ThomasHabets commented 5 years ago

I can't follow this at all.

davama commented 5 years ago

Yeah... I was gonna comment too, but wasn't sure what he was saying...

Explain a little more?

rayjohno commented 5 years ago

I revised the topic and explanation. I hope this is more clear.

davama commented 5 years ago

So you want to configure RADIUS to have redundant ADs?

Freeradius should allow this. Wiki?

This is a freeradius question. Assuming using freeradius.

Unless misunderstood.

We have freeradius but use the ldap module, which of course allows redundancy. I'm assuming you'd use the same module for AD.

rayjohno commented 5 years ago

It's not the AD I want to have redundancy... It's the radius server...

If the single radius server goes down... 2FA will go down...

I need to have redundant radius... yes, it is freeradius

davama commented 5 years ago

And which application interfaces with radius?

Sssd (not sure if possible)? Pam_radius? Nginx?

rayjohno commented 5 years ago

Basically I need a FREERADIUS under RHEL that is clustered - HA. This is where google authenticator is installed. Whenever FREERADIUS1 goes down, we still have a second radius server to function. Thus 2FA is still operational.

davama commented 5 years ago

This is a freeradius question. Ask the mailing list.

rayjohno commented 5 years ago

It's still related to Google PAM. I just need to install google pam on an HA Radius. How would it be possible?

ThomasHabets commented 5 years ago

I don't know. Still sounds like a freeradius question.

davama commented 5 years ago

google libpam relies on the GA secret files, which live in the HOME directory.

Install google pam on each radius srv.

If you sync those files across your radius servers then maybe you have an HA setup? Haven't tested, but sounds like it can work.
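
A check for the file-sync idea in the last comment, as an added example that is not part of the thread or the project's own code: it compares two replicas of a user's `.google_authenticator` file and reports where they have drifted apart. The file contents are constructed samples, and the function names and the split of options into login state versus static configuration are assumptions of this example.

```python
# Options the PAM module rewrites as users log in. Assumption of this example:
# any other option line is treated as static configuration.
STATEFUL = {"RATE_LIMIT", "DISALLOW_REUSE", "HOTP_COUNTER"}

# Constructed samples, not real secrets. Line 1 is the base32 secret, lines
# starting with '" ' are options, the remaining lines are scratch codes.
# RADIUS2 is a stale copy: no login state, one scratch code not yet removed.
RADIUS1 = '''JBSWY3DPEHPK3PXP
" RATE_LIMIT 3 30 1700000000
" DISALLOW_REUSE 56666666
" TOTP_AUTH
11111111
'''
RADIUS2 = '''JBSWY3DPEHPK3PXP
" RATE_LIMIT 3 30
" DISALLOW_REUSE
" TOTP_AUTH
11111111
44444444
'''

def parse_state(text):
    """Split a state file into secret, option lines and scratch codes."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if not lines:
        raise ValueError("empty state file")
    state = {"secret": lines[0], "options": {}, "scratch": set()}
    for ln in lines[1:]:
        if ln.startswith('" '):
            name, _, value = ln[2:].partition(" ")
            state["options"][name] = value
        else:
            state["scratch"].add(ln)
    return state

def compare(a_text, b_text):
    """Return (kind, detail) findings where two replicas disagree."""
    a, b = parse_state(a_text), parse_state(b_text)
    findings = []
    if a["secret"] != b["secret"]:
        findings.append(("secret", "shared secrets differ"))
    for name in sorted(set(a["options"]) | set(b["options"])):
        if a["options"].get(name) != b["options"].get(name):
            findings.append(("state" if name in STATEFUL else "config", name))
    if a["scratch"] ^ b["scratch"]:
        findings.append(("scratch", sorted(a["scratch"] ^ b["scratch"])))
    return findings

if __name__ == "__main__":
    print(compare(RADIUS1, RADIUS2))
```

A `state` or `scratch` finding means one server has recorded a login the other has not seen, so a plain one-way copy of the file would discard that record and a code already used on one server could still be accepted on the other.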