We use NPS (new IAS - 2008 R2) for machine auth on wireless. Our wireless is 802.1x with PEAP. Our domain machines authenticate as the machine with a machine certificate so users can logged into them.
It requires that you setup an internal CA and issue computer certificates to all your domain machines. Then setup a rule in NPS/IAS to allow the machines to authenticate. If you want specifics feel free to contact me off list. Daniel Bennett IT Security Analyst Pennsylvania College of Technology P:570.329.4989 E:dbenn...@pct.edu -----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Jason Appah Sent: Thursday, October 14, 2010 5:11 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Machine Authentication and IAS 2008 We are a complete Aruba shop, and I'll confess I haven't actually ticketed this with Aruba, but... Has anyone else been able to make machine auth work with IAS as the Radius? Each time the authentication comes across as bad username/password on the machine account. We had an IDengines ignition server that worked flawlessly but has now died. IAS was the replacement and machine auth hasn't worked since. So, has anyone else experienced this? Jason Appah Security/Systems Administrator Oregon Institute of Technology Oregon's only Technical Institute. Office 541-885-1719 Fax 541-885-1919 Email jason.ap...@oit.edu ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.