Post-Auth LDAP with computer names rather than usernames

Hans-Christian Esperer hc at hcesperer.org
Fri Oct 19 23:31:22 CEST 2018


On Fri, Oct 19, 2018 at 09:13:38PM +0100, Matthew Newton wrote:
> If the computer name is there, you can use it. If it's not there,
> then... you can't. Closest approximation might be the MAC address in
> Calling-Station-Id, maybe.

Hmm, MAC addresses are not cryptographically signed, though... Meaning you
can't rely on them to be genuine.

HC


More information about the Freeradius-Users mailing list