I therefore decied to try radius authetication because LDAP is not an option as that is used for our students and we have completly seperate forrests for facutly and students.
After alot of trial and error I figured out a working config. I have a very difficult time finding good documentation on here, so here's a quick and dirty write up:
http://justinhaaga.wordpress.com/2009/05/19/moodle-and-radius-authentication/ (w/picutures)
There is very poor documentation out there that clearly shows how to properly install and implement radius authentication with moodle. While this would probably also apply to any php5 LAMP setup, this will specifically explain how to do it in moodle 1.9.x using debian linux.
1. Install radius module for php5
a. Apt-get install php5-radius
2. Install php auth-pam
a. Apt-get install php5-auth-pam
3. Install Auth_RADIUS module for pear
a. Pear install radius Auth_RADIUS
b. moodledev:~#pear install radius Auth_RADIUS
c. No releases available for package “pear.php.net/radius” – package pecl/radius
can be installed with “pecl install radius”
d. Cannot initialize channel://pear.php.net/radius’, invalid or missing package file
e. WARNING: channel “pear.php.net” has
updated its protocols, use “channel-update pear.php.net” to update
f. downloading Auth_RADIUS-1.0.6.tgz …
g. Starting to download Auth_RADIUS-1.0.6.tgz (8,389 bytes)…..done: 8,389 bytes
i. downloading radius-1.2.5.tgz …
j. Starting to download radius-1.2.5.tgz (29,750 bytes…done: 29,750 bytes
l. Package “channel://pear.php.net/radius” is not valid 16 source files, building
n. running: phpize
***** This error is OK and the system will process, if you don’t like errors you need to install the php5-dev packaged which has the phpize. This is a big install though.
You may also need the make package
Apt-get install make
o. sh: phpize: command not found
p. ERROR: `phpize‘ failed
q. install ok:channel://pear.php.net/Auth_RADIUS-1.0.6
i. if you get this last option then the auth_radius
module is install for php to use, which php5-radius
references
4. restart apache services
a. /etc/init.d/apache2 restart
5. Moodle will still show radius_auth is not loaded, but put in your settings
and they will work
6. For Windows 2003 IAS configuration you will need
to select the following:
c.
Then setup the remote access policies
d.
To verify it’s connectin,
check the event log, you’ll see connection attempts with the type of error
messages.
Moodle uses no encryption for the radius auth module, so make sure that your radius server and moodle server have secure transmission.