<div>Hi,</div><div><br></div><div>I'm currently using FreeRadius to control access to our wifi network with PEAP-TLS, and authenticating users against their AD accounts. I now need to somehow additionally restrict the users wifi access to only the machines that are joined to the Windows domain, and not phones, ipads, etc, and do this in a reasonably secure fashion.</div>
<div><br></div><div>There are a couple of hundred laptops involved, so I'd like to avoid having to do much in the way of client-side configuration, but I suspect that client certificates may be the only answer. I've been searching for a number of weeks, and I haven't found any other real solution.</div>
<div><br></div><div>Thanks in advance,</div><div><br></div><div>Bryce</div>