| *** AccentureDan has quit (Ping timeout: 250 seconds) | 00:50 | |
| *** nowen (~nowen@99-174-93-102.lightspeed.tukrga.sbcglobal.net) has joined #wikid | 14:50 | |
| nowen | derp, forgot to start pidgin | 14:50 |
|---|---|---|
| *** AccentureDan (0cfa9442@gateway/web/freenode/ip.12.250.148.66) has joined #wikid | 18:02 | |
| AccentureDan | hey Nick | 18:03 |
| AccentureDan | so just an update, implemented AD LDS and created a partition, enabled all certs in WiKID along with enabling LDAP...going to be configuring RADIUS shortly and will give you an update | 18:03 |
| AccentureDan | I will need some help on communication and access via the WiKID token as that was an issue the last time | 18:03 |
| nowen | hey - soory | 19:01 |
| nowen | AccentureDan: you still here? | 19:01 |
| nowen | ping AccentureDan | 19:34 |
| AccentureDan | hahaha | 19:50 |
| AccentureDan | sorry | 19:50 |
| AccentureDan | i am back | 19:50 |
| AccentureDan | been running around again | 19:50 |
| nowen | what's your status? | 19:59 |
| AccentureDan | okay created a domain | 20:01 |
| AccentureDan | enabled RADIUS and LDAP | 20:01 |
| AccentureDan | downloaded the token client to a member server on my domain | 20:01 |
| nowen | I would not enable ldap | 20:01 |
| nowen | it will just use up memory | 20:01 |
| nowen | but you can disable it later | 20:01 |
| nowen | what's your domain identifier? | 20:01 |
| AccentureDan | the name? | 20:02 |
| nowen | the 12 digit id | 20:02 |
| AccentureDan | ohhhh | 20:03 |
| AccentureDan | internal...192168ifconfig | 20:03 |
| AccentureDan | my bad | 20:03 |
| nowen | ah | 20:03 |
| AccentureDan | stupid screen | 20:03 |
| AccentureDan | LOL | 20:03 |
| nowen | can you register a token? | 20:03 |
| AccentureDan | i meant to ask you about the domain identifier | 20:04 |
| AccentureDan | is that the IP of the WiKID server? | 20:05 |
| nowen | yes, so the tokens can find it | 20:05 |
| nowen | for production, you will want to use the external ip | 20:05 |
| AccentureDan | 192168001131 | 20:05 |
| AccentureDan | ahhh i see | 20:05 |
| AccentureDan | okay | 20:05 |
| nowen | so 192.168.1.131 | 20:05 |
| AccentureDan | so you essentially want the WiKID server facing towards the Internet? | 20:06 |
| nowen | the tokens need to communicate with the server. you can NAT it and you can proxy the requests | 20:06 |
| nowen | so, can you register a token? | 20:07 |
| AccentureDan | well just so i can give you some background...I have a desktop set up with VMWare Workstation...I have a Win2k12 set up as a DC and another member server...then I have an Oracle Enterprise Linux OS running with WiKID | 20:07 |
| AccentureDan | one sec | 20:07 |
| nowen | I do want to get out of here soonish - tgif and all ;-) | 20:08 |
| AccentureDan | nahhhh man dont worry about it | 20:14 |
| AccentureDan | its not immediate | 20:14 |
| AccentureDan | sorry getting pulled away by the client | 20:14 |
| AccentureDan | i had to change something in the domain | 20:15 |
| AccentureDan | lemme see if i can auth | 20:15 |
| nowen | what are you trying to auth into? | 20:15 |
| AccentureDan | so with the token client | 20:15 |
| AccentureDan | should i put the server code from the domain in there? | 20:15 |
| nowen | yep | 20:16 |
| AccentureDan | i set the server code to the WiKID server | 20:16 |
| nowen | yes | 20:16 |
| AccentureDan | hmmmm c ould not obtain config | 20:18 |
| AccentureDan | one sec | 20:18 |
| nowen | can you browse the WiKIDAdmin from that machine? | 20:18 |
| AccentureDan | lemme check here real quick | 20:22 |
| AccentureDan | dont think i have samba installed | 20:23 |
| AccentureDan | woops | 20:23 |
| AccentureDan | not what i meant | 20:23 |
| AccentureDan | my bad | 20:23 |
| nowen | you don't need samba or anything to get the token talking to wikid, except a route over port 80 | 20:24 |
| AccentureDan | gotcha | 20:25 |
| AccentureDan | cant browse it | 20:25 |
| AccentureDan | could not connect | 20:25 |
| AccentureDan | can ping it though | 20:26 |
| AccentureDan | okay got it | 20:27 |
| AccentureDan | SELinux and firewall..,.ugh | 20:27 |
| AccentureDan | brb | 20:28 |
| AccentureDan | ok it worked | 20:28 |
| AccentureDan | WOOT | 20:28 |
| nowen | sweet | 20:35 |
| nowen | ok - how will you test radius? | 20:35 |
| AccentureDan | well that is the fun part my friend | 20:36 |
| AccentureDan | i had a VPN solution set up but i need to go and reverify | 20:36 |
| AccentureDan | what is the most common? | 20:36 |
| nowen | i use http://www.iea-software.com/products/radlogin4.cfm | 20:37 |
| nowen | you can also play with the API using example.jsp: http://www.wikidsystems.com/support/wikid-support-center/troubleshooting-faq/how-can-i-test-if-the-server-is-working-correctly | 20:38 |
| nowen | and http://www.wikidsystems.com/support/wikid-support-center/manual/how-to-install-the-wikid-strong-authentication-server/installing-the-wikid-strong-authentication-server-enterprise-edition-page-5 | 20:39 |
| nowen | when you are ready to test external, you can just create a new domain using the external IP | 20:43 |
| nowen | but I might head out - are you in a good place/ | 20:45 |
| nowen | ? | 20:45 |
| nowen | ok - I'm outta here - AccentureDan email me if you need me. | 20:58 |
| *** AccentureDan has quit (Ping timeout: 250 seconds) | 22:29 | |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!