In my current work environment I have several devices that can only use TACACS+ for centralized authentication. Integrating TACACS+ with FreeIPA and FreeRADIUS will complete my centralized AAA system.
This article shows how to configure and integrate FreeRADIUS and TACACS+ with FreeIPA to implement an AAA system that provides authentication, authorization and accounting to RADIUS- or TACACS+-compatible systems (e.g. a VPN server, routers, switches, etc.).
The FreeIPA server is configured as a stand-alone system, with no integration with other directory servers or any other system. You can follow "Centralized authentication server with FreeIPA" for guidance on how to install FreeIPA.
FreeIPA is a solution for managing users, groups, hosts, services, and much, much more. It uses open source solutions with some Python glue to make things work. Identity Management made easy for the Linux administrator.
Configure the IPA server to share user accounts on your local network.
This installation is being performed on a fully updated CentOS 7.2 system. Add an entry in /etc/hosts matching the server IP and hostname. Additionally, make sure to set the server hostname properly.
echo serversIP ipa.yourdomain.com ipa >> /etc/hosts
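A preflight check for the hosts entry above, as an added example that is not part of the original article: it confirms the FQDN maps to a single non-loopback address and is listed before the short name, so forward and reverse lookups agree before FreeIPA is installed. The function name `check_hosts_entry` is hypothetical; it only reads the file you pass it.

```shell
#!/bin/sh
# Added example: validate the /etc/hosts entry for the IPA server.
# check_hosts_entry is a hypothetical helper name, not a FreeIPA tool.

# check_hosts_entry FILE FQDN
# Returns 0 when FILE maps FQDN to exactly one non-loopback address and the
# FQDN is the first (canonical) name on that line; prints the reason otherwise.
check_hosts_entry() {
    file=$1
    fqdn=$2
    case $fqdn in
        *.*) ;;   # must contain a domain part
        *) echo "not a fully qualified name: $fqdn"; return 1 ;;
    esac
    # Strip comments, then print "address first-name" for lines naming the FQDN.
    matches=$(sed 's/#.*//' "$file" | awk -v h="$fqdn" '
        { for (i = 2; i <= NF; i++) if ($i == h) { print $1, $2; break } }')
    if [ -z "$matches" ]; then
        echo "no entry for $fqdn"; return 1
    fi
    count=$(printf '%s\n' "$matches" | awk 'END { print NR }')
    if [ "$count" -ne 1 ]; then
        echo "multiple entries for $fqdn"; return 1
    fi
    addr=${matches%% *}
    canon=${matches#* }
    case $addr in
        127.*|::1) echo "$fqdn resolves to loopback ($addr)"; return 1 ;;
    esac
    if [ "$canon" != "$fqdn" ]; then
        echo "FQDN must come before the short name (found $canon first)"; return 1
    fi
    echo "ok: $fqdn -> $addr"
}
```

Run it as `check_hosts_entry /etc/hosts ipa.yourdomain.com` after adding the entry; a non-zero exit status means the entry should be corrected before installing.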