Doc Phillips wrote: > I'm trying to prevent rogue devices from connecting to production and > obviously only allow valid users & devices. The current setup states > members of domain computers or domain users are allowed to auth against > the radius server. Do you know if its possible through freeradius to > allow these devices AND these users only?
Yes. FreeRADIUS can do machine && user authentication against Active Directory, using Samba. > We're using eap-peap-mschapv2 > as our current authentication method. Is there a way using > --require-membership-of to combine users AND groups perhaps through some > type of regular expression? I'm not sure what that means. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html