On 11/10/2010 22:14, James J J Hooper wrote:
On 11/10/2010 12:37, Phil Mayers wrote:
On 09/10/10 15:01, Garber, Neal wrote:
Thanks to a lot of work by Phil Mayers, the server now has support for
Microsoft SoH in PEAP, normal RADIUS (MS VPN gateway), and in DHCP.
Wow! That *must* have been a lot of work! Thank you Phil.
Does this mean FreeRADIUS can now act as a Health Policy Server?
Yes, though it's not 100%. Specifically the code can challenge clients for
an SoH, and the client will submit it and FreeRadius decode it. There is
not (yet) support for FreeRadius generating and emitting an SoHR, because
I don't have a working example of such, and decoding the MS-SOH spec is
REALLY REALLY hard without at least some working data to compare to the
awful spec language!
Hi Phil, Alan,
http://msdn.microsoft.com/en-us/library/cc251376%28v=PROT.10%29.aspx
-> Independent of the above states, the last bit of the third byte of the
AU ClientStatusCode can take the value of 1 if the AU settings on the
client are controlled by policy.
[We do a little of
http://technet.microsoft.com/en-us/library/cc708449%28WS.10%29.aspx on our
clients via our wireless set-up wizard to help them keep up to date with
patches]
... Therefore patch attached {"confd-by=" format only a suggestion}.
...I wonder if MS ever end up with:
case 0x00000105:
snprintf(vp->vp_strvalue, sizeof(vp->vp_strvalue), "%s warn unconfigured
confd-by=policy", s);
Oh well, it's in the spec...
-James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
