-----Ursprüngliche Nachricht----- Von: Krämer Armin [mailto:[EMAIL PROTECTED] Gesendet: Samstag, 20. Mai 2006 12:04 An: '[EMAIL PROTECTED]' Betreff: AW: EAP TLS Computer Authentication XP the final Solution *working great after a hard fight* Solution inside
Hi, i read your artikel at this magazine and it was quiete helpful, the only thing didnt working was machine certificate but like I described at my last post the only thing I struggled was XP Clients needing the full DN at this place I described and the CN as Computername and how to import them correctly. The ldap setup of you were really helpful. Thanks to you. Greetings from Baden Würtemberg Armin -----Ursprüngliche Nachricht----- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Gesendet: Samstag, 20. Mai 2006 09:23 An: Krämer Armin Betreff: Re: EAP TLS Computer Authentication XP the final Solution *working great after a hard fight* Solution inside Am Samstag, 20. Mai 2006 09:01 schrieb Krämer Armin: > Hi, > (...) > An CA created with TinnyCA as frontend for openssl, freeradius @debian > stable with EAP-TLS Support, LDAP-Backend for Dynamik VLAN Assignment > Rules, VLAN Routing @ an Layer 3 Core Switch and finaly Clients > 200,X?,Linux duing firstly an Machine Authentication(*tricky but possible*) > pulled into and basically VLAN with the DHCP,DNS and ADS Servers in an > separate Subnet and VLAN, then Users can log onto the domain, getting their > final > User-Certifikate, thrown into their final working vlan and getting the > final Subnet from the DHCP. This workes now great put firstly only the main > problem, the machine certificates. Hi, I did this setup (LDAP, VLAN, Certs, ...) and wrote an article in the German Linux Magazin 01/05. All problems you list are more or less described there. Sorry, that I did not read the beginning of this discussion. So I could have helped you before. Greetings from Munich, Michael Schwartzkopff - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html