Hi All,
We would like to use packetfence for Dot1X EAP-TLS authentication based
on machine certificates with the hostname as the
TLS-Client-Cert-Common-Name (the user of the machine afterwards
authenticates against AD directly).
The role-mapping and authentication itself in PF works well, but as a
sort of irksome result the authenticated (and auto-registered) machine
lists on the Nodes tab with the corresponding MAC address and an empty
computername. Instead the hostname is shown as owner and the machine
name is registered under the Users tab with the FQDN, together with
other regular (i.e. "real") user's accounts.
Auditing->Node Information shows Computer Name N/A and username
host/hostname.domain.tld
The Authentication Source uses servicePricipalName as Username
Attribute, that is the only hint I found to distingish between user and
machine authentication.
Is there some way to treat the hostname to show up as node instead of
user as normally indicated by the form host/... or hostname$
Kind regards,
Jochen
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
