EAP identity - username check
Carl Wahlin
carl_wahlin at hotmail.com
Wed Aug 9 17:08:49 CEST 2006
Hello,We are trying to get machine certificates to with freeradius for WLAN.Problem:We are using the sql user database plugin as we need to return attributes (which vlan the user belongs to, QoS etc) and it all works fine untill we install the certificates as machine certs. Windows changes the User-Name to host/username and that causes the username not to be correct according to what is in the database, and also the User-Name does not match the cn in the cert. We can change the attribute with search and replace, but then EAP gives us the error "identity does not match the User-Name, setting from EAP Identity". Is there a way around this? It would be nice to be able to turn off the EAP identity - User-Name check as we really do not think it is necesary in our solution (and do not really see a security benifit of having it).Any ideas?/Carl
_________________________________________________________________
Try Live.com - your fast, personalized homepage with all the things you care about in one place.
http://www.live.com/getstarted
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060809/4b22c100/attachment.html>
More information about the Freeradius-Users
mailing list