Professional Documents
Culture Documents
007-012796-001 SAS FreeRADIUS Upgrade Guide RevB
007-012796-001 SAS FreeRADIUS Upgrade Guide RevB
Trademarks
All intellectual property is protected by copyright. All trademarks and product names used or referred to are the
copyright of their respective owners. No part of this document may be reproduced, stored in a retrieval system
or transmitted in any form or by any means, electronic, mechanical, chemical, photocopy, recording, or
otherwise, without the prior written permission of SafeNet, Inc.
Disclaimer
SafeNet makes no representations or warranties with respect to the contents of this document and specifically
disclaims any implied warranties of merchantability or fitness for any particular purpose. Furthermore, SafeNet
reserves the right to revise this publication and to make changes from time to time in the content hereof without
the obligation upon SafeNet to notify any person or organization of any such revisions or changes.
We have attempted to make these documents complete, accurate, and useful, but we cannot guarantee them to
be perfect. When we discover errors or omissions, or they are brought to our attention, we endeavor to correct
them in succeeding releases of the product.
SafeNet invites constructive comments on the contents of this document. These comments, together with your
personal and/or company details, should be sent to the address or email below.
Email TechPubs@safenet-inc.com
Contents
Introduction ............................................................................................................................................................ 4
Prerequisites.......................................................................................................................................................... 4
FreeRADIUS Updater ............................................................................................................................................ 4
Prerequisites ................................................................................................................................................... 4
Upgrading FreeRADIUS Updater ................................................................................................................... 4
FreeRADIUS Agent Upgrade ................................................................................................................................ 7
Prerequisites ................................................................................................................................................... 7
Upgrading FreeRADIUS Agent ....................................................................................................................... 7
Support Contacts ................................................................................................................................................. 11
Prerequisites
The following prerequisites are required prior to upgrading the SAS FreeRADIUS Agent and FreeRADIUS
Updater:
cryptocard-freeradius-updater rpm package (FreeRADIUS Server <version>)
cryptocard-freeradius-agent rpm package
libtool-ltdl must be installed (x64 if on 64bit Linux)
FreeRADIUS Updater
FreeRADIUS Updater handles all incoming RADIUS authentication for SAS. It also contains a feature where
SAS can synchronize Auth Nodes to FreeRADIUS. This reduces the administrative overhead involved with
manually adding an Auth Node and RADIUS client entry in SAS and FreeRADIUS respectively.
Prerequisites
The following prerequisites are required prior to upgrading SAS FreeRADIUS Updater:
cryptocard-freeradius-updater rpm package (FreeRADIUS Server <version>)
libtool-ltdl must be installed (x64 if on 64-bit Linux)
NOTE: This step is required to configure FreeRADIUS for the first time.
If radiusd fails start, perform the following steps:
a. Change to the /etc/ld.so.conf.d directory, and then type the following
command:
vi freeradius-server-2.2.0-x86_64.conf
b. Add the following line:
/opt/freeradius/freeradius-server-2.2.0/lib64/
c. Save the file.
d. Repeat step 7. If startup fails, stop the daemon (hold down Ctrl+C) and then
run it again.
8. Hold down Ctrl+C to stop the FreeRADIUS server that is running in debug mode.
9. Use the following command to copy rc.radiusd (the FreeRADIUS startup script) to the /etc/init.d directory
(if prompted, overwrite the existing file):
cp /opt/freeradius/freeradius-server-<version>/sbin/rc.radiusd /etc/init.d/radiusd
10. Modify the radiusd daemon:
a. Change to the /etc/init.d directory
b. Open the radiusd daemon with a text editor.
c. Add the following lines below the line #!/bin/sh:
# chkconfig: 2345 88 10
# Description: Start/Stop the RADIUS Server daemon
d. Save the daemon.
11. Use the following command to add radiusd to the runlevels:
chkconfig --add radiusd
12. Modify the radiusd.conf file as follows:
a. Change to the following directory: /opt/freeradius/freeradius-server-<version>/etc/raddb
b. Open the radiusd.conf file with a text editor.
NOTE: This step must be performed on all SAS FreeRADIUS servers. If there
are FreeRADIUS servers in each data center, the configuration should point to
its own SAS FreeRADIUS Updater Service as the primary.
Example:
# If you want to have a log of authentication requests,
# un-comment the following line, and the 'detail auth_log'
# section, above.
# auth_log
challAvecAuth
Example:
# Pluggable Authentication Modules.
# pam
Auth-Type challAvecAuth {
challAvecAuth
}
Support Contacts
If you encounter a problem while installing, registering, or operating this product, please make sure that you
have read the documentation. If you cannot resolve the issue, contact your supplier or SafeNet Customer
Support. SafeNet Customer Support operates 24 hours a day, 7 days a week. Your level of access to this
service is governed by the support plan arrangements made between SafeNet and your organization. Please
consult this support plan for further information about your entitlements, including the hours when telephone
support is available to you.
International 1-410-931-7520