Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-12 Thread Alexandros Gougousoudis
Hi Alan, Alan DeKok wrote: Freeradius. Using Linux I can send whatever I want as the loginname. If you know you can change the client, then change the client. This is exactly what I want to do! Change the loginname, the client sends to the Authenticator. It's a Windows 802.1x

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-12 Thread Alexandros Gougousoudis
Hi Phil, Phil Mayers wrote: I don't understand - you're saying that, for windows clients: 1. On wi-fi they send host/name.domain.com 2. On LAN, they send... something else? Are you sure? We don't see that. Exactly. On wifi they send hostname on LAN they send: host/hostname hostname

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-12 Thread Phil Mayers
On 10/12/2012 09:55 AM, Alexandros Gougousoudis wrote: Hi Alan, Alan DeKok wrote: Freeradius. Using Linux I can send whatever I want as the loginname. If you know you can change the client, then change the client. This is exactly what I want to do! Change the loginname, the clients

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-12 Thread alan buxey
Hi, Phil Mayers wrote: I don't understand - you're saying that, for windows clients: 1. On wi-fi they send host/name.domain.com 2. On LAN, they send... something else? Are you sure? We don't see that. I agree Exactly. On wifi they send hostname on LAN they send:

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-12 Thread Phil Mayers
On 10/12/2012 09:59 AM, Alexandros Gougousoudis wrote: Hi Phil, Phil Mayers wrote: I don't understand - you're saying that, for windows clients: 1. On wi-fi they send host/name.domain.com 2. On LAN, they send... something else? Are you sure? We don't see that. Exactly. On wifi they

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-12 Thread Alexandros Gougousoudis
Hi, Phil Mayers wrote: We don't see that behaviour. We consistently see host/. Check you aren't mangling the hostnames in your FreeRADIUS config. Strange, but thanks for watching. We're not mangling anything in FR. That's what I see, running FR in Debug-Mode. Maybe because we're running

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-12 Thread David Mitton
The behavior _is_ configurable, but as you have observed for your particular network, the default is not to attempt machine auth. It is configurable on a per-network connection basis, I'm getting fuzzy on if it's adapter or SSID based. If the OP is observing such behavior, he needs to

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-12 Thread Alexandros Gougousoudis
Hi David, David Mitton wrote: If the OP is observing such behavior, he needs to figure out why (what turned it on, is it consistent or the same for all users) and work with that. It is consistent for all machines in the network. To figure out why this happened is exactly what I want to

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-12 Thread Phil Mayers
On 12/10/12 13:48, David Mitton wrote: The behavior _is_ configurable, but as you have observed for your particular network, the default is not to attempt machine auth. It is configurable on a per-network connection basis, I'm getting fuzzy on if it's adapter or SSID based. No, you've

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-12 Thread Phil Mayers
On 12/10/12 13:59, Alexandros Gougousoudis wrote: Hi David, David Mitton wrote: If the OP is observing such behavior, he needs to figure out why (what turned it on, is it consistent or the same for all users) and work with that. It is consistent for all machines in the network. To figure

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-12 Thread Alexandros Gougousoudis
Phil Mayers wrote: Is it possible your wireless networking equipment is mangling the hostnames? Which vendor are you using? Mhh, I can check that again, it's an old Linksys-AP. I'll see if that happens also with the other more professional hardware we have. Have you verified that you really

EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-11 Thread Alexandros Gougousoudis
Hi, we're using FR 2.0 for our machine authentication for XP to Win7 with EAP-TLS. Everything is working so far, but I noticed a difference between authenticating via WLAN and LAN, which starts to be a problem for us now. If I make an auth via LAN the provided username is hostname, if I do

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-11 Thread Alan DeKok
Alexandros Gougousoudis wrote: we're using FR 2.0 for our machine authentication for XP to Win7 with EAP-TLS. Everything is working so far, but I noticed a difference between authenticating via WLAN and LAN, which starts to be a problem for us now. If I make an auth via LAN the provided

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-11 Thread Alexandros Gougousoudis
Hi Alan, thanks for your reply! Alan DeKok wrote: host/ as a realm for our Radsecproxy, I'd like to change the behaviour for the authentication via LAN and add a string to the hostname Don't. You will break EAP. That's not clear. Why would that break EAP if the workstations

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-11 Thread David Mitton
I'm sorry, I don't have time right now to help you, but you are on the right track. Windows has a feature Machine Authentication where the station authenticates (using the $hostname and a secret credential created at domain join) with a Domain controller before the user login. On an

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-11 Thread Phil Mayers
On 11/10/12 12:43, Alexandros Gougousoudis wrote: Hi, we're using FR 2.0 for our machine authentication for XP to Win7 with EAP-TLS. Everything is working so far, but I noticed a difference between authenticating via WLAN and LAN, which starts to be a problem for us now. If I make an auth via

Re: EAP-TLS Machine-Auth Windows: difference between LAN and WiFi

2012-10-11 Thread Alan DeKok
Alexandros Gougousoudis wrote: That's not clear. Why would that break EAP if the workstations are sending a different Login? You said you wanted to add a string to hostname. Don't do that. Editing it in FreeRADIUS will break things. It already does, depending on LAN or WLAN Logins. I