NoPassword Universal Proxy
 
Prerequisites
  • Java JRE 1.8 update 151, or JRE 1.8 latest update
 
Linux Installation
LDAP
  • Unzip the file “nopassword-proxy.zip”.
  • Open a terminal and execute the following script as the root user:
    sudo sh nopassword-proxy/bin/configure.sh
  • The service configuration screen will show up. Select “LDAP” as protocol. Set a listening port. Select a certificate in pfx format if you wish to enable secure connections. Click on “Next”.

Universal Proxy LDAP

 

Protocol – network protocol to be used by service Port – listening port
NoPassword URL – NoPasswod authentication URL service
TLS Certificate – provide a certificate file if you wish to enable SSL/TLS connections
Overwrite Bind  – makes all bind requests to succeed

 

  • Now select the “Server Mode” that better suits your needs.

NoPassword for NoPassword authentication only
Password or NoPassword for NoPassword or LDAP authentication
2nd Factor Authentication for nopassword.com authentication along with LDAP authentication

Universal Proxy LDAP 2

 

Login Key – retrieve this value from nopassword.com admin portal. Go to “Keys” menu, copy the NoPassword Login key value and paste it here
Email Domain – organization’s domain
If you selected Password or NoPassword, or 2nd Factor Authentication, then you’ll be asked to provide your LDAP directory server parameters.

Universal Proxy LDAP 3

Host – LDAP directory server name or IP address
Port – LDAP directory server port
TLS – enables secure connections to LDAP server
Admin User – LDAP server administrator or any user with read permissions on users

 

  • Click on the “Install” button. If everything is ok you’ll get a confirmation message. The service will start automatically after installation. You can start, stop and check service status with the following commands:

Redhat 7/CentOS 7/Ubuntu/Debian
sudo systemctl start nopasswordproxy.service
sudo systemctl stop nopasswordproxy.service
sudo systemctl status nopasswordproxy.service

Redhat 6/CentOS 6
sudo service nopasswordproxy.sh start
sudo service nopasswordproxy.sh stop
sudo service nopasswordproxy.sh restart

As an alternative, you can check if the service is up and running by checking the listening port with the following command:
netstat atun | grep <service_port_number>

 

RADIUS

Please note that only PAP and CHAP modes are supported. Authorization and Accounting are not supported by this service.

  • Unzip the file “nopassword-proxy.zip”.
  • Open a terminal and execute the following script as the root user:
    sudo sh nopassword-proxy/bin/configure.sh
  • The service configuration screen will show up. Select “RADIUS” as protocol. Set a listening port and click on “Next”.

Universal Proxy Radius

Protocol – network protocol to be used by service
Port – listening port
NoPassword URL – NoPasswod authentication URL service
TLS Certificate – provide a certificate file if you wish to enable SSL/TLS connections
Overwrite Bind  – makes all bind requests to succeed

 

  • Now select the “Server Mode” that better suits your needs

NoPassword for NoPassword authentication only
Password or NoPassword for NoPassword or LDAP authentication
2nd Factor Authentication for nopassword.com authentication along with LDAP authentication

 

  • Set the “Login Key”, retrieve this value from nopassword.com admin portal. Go to “Keys” menu, copy the NoPassword Login key value and paste it here.

Universal Proxy Radius 2

 

  • Set your organization’s domain name in Email Domain.
  • Set a radius secret.
  • Click on the “Install” button. If everything is ok you’ll get a confirmation message. The service will start automatically after installation. You can start, stop and check service status with the following commands:

Redhat 7/CentOS 7/Ubuntu/Debian
sudo systemctl start nopasswordproxy.service
sudo systemctl stop nopasswordproxy.service
sudo systemctl status nopasswordproxy.service

Redhat 6/CentOS 6
sudo service nopasswordproxy.sh start
sudo service nopasswordproxy.sh stop
sudo service nopasswordproxy.sh restart

As an alternative, you can check if service is up and running by checking the listening port with the following command
netstat atun | grep <service_port_number>

 

Text Mode Installation

To install the proxy without a GUI, you will need to provide a configuration file with all the needed parameters. You can find a configuration file template under nopassword-proxy/conf/server.properties. Open the file with a text editor and set the parameters as needed. The 2 tables below will help you to set the appropriate values for each parameter. To install the proxy in text mode execute this command:
sudo sh nopasswordproxy/bin/configure.sh text-mode

 

The following table describes all the parameters available:

Parameter

Description

Possible values

server.protocol

Server network protocol.

LDAP | RADIUS | RADSEC

server.port

Listening port.

1-6355

server.mode

Operation mode.

NP=this is standalone mode, user will be authenticated with NoPassword.


PNP=authenticates the user with LDAP server if a password is provided. If LDAP authentication fails or none password is provided, then, user will be authenticated with NoPassword.


2FA=user will be authenticated with LDAP server and NoPassword.

server.tls

Enable secure connections from client to server. If true, then you must set “certificate” parameter.

true | false

certificate

Path to certificate (in PFX format) in order to provide secure connections

 

nopassword.login.key

NoPassword Login key.

Retrieve this value from nopassword.com admin portal. Go to “Keys” menu and copy the NoPassword Login key value.

nopassword.url

NoPassword authentication endpoint.

https://api.nopassword.com/auth/login

ldap.address

LDAP server name or IP address.

 

ldap.port

LDAP server listening port.

 

ldap.admin

LDAP admin user DN.

 

ldap.admin.password

LDAP admin password.

 

ldap.tls

Uses secure connections between proxy and LDAP server.

true | false

ldap.attribute.login

Used in LDAP standalone mode only. Identifies a user in a LDAP search filter. The value specified here depends on how the client application search for users in the LDAP server.

cn | uid | userPrincipalName | samAccountName

email.domain

Your company domain name.

 

overwrite.bind.response

Makes all authentication requests to succeed.

true | false

 

Use the following table as a guide to check which parameters are mandatory, or which values are needed depending on the server mode and protocol you are interested in:

 

Parameter

         

server.protocol

LDAP

LDAP

LDAP

RADIUS

RADSEC

server.port

X

X

X

X

X

server.mode

NP

PNP

2FA

NP

NP

server.tls

X

X

X

false

true

certificate

O

O

O

X

nopassword.login.key

X

X

X

X

X

nopassword.url

X

X

X

X

X

ldap.address

X

X

ldap.port

X

X

ldap.admin

X

X

X

ldap.admin.password

X

ldap.tls

X

X

ldap.attribute.login

X

email.domain

X

X

X

X

X

overwrite.bind.response

X

false

false

false

false

X – Mandatory
O – Optional
– – Not needed

 

Any questions? Contact us at support@nopass.com or 877-877-5587.