Peter Savage wrote:
Has anything happened in this area, to allow machine authentication against AD?
It works. It's worked for a long time. See the ChangeLog for 1.1.0, released over a year ago.
From reading the mailing list I believe it was a problem with ntlm_auth, is this any closer to getting fixed, if not, how do people work around it. We have laptops here that authenticate against the domain if it's available, or locally if not. There is a logon script if they are at the site. How best I work round this?
I'm not sure what you mean. So far as FreeRADIUS is concerned, "machine authentication" is just like doing user authentication. The machine uses 802.1x to get network access, and FreeRADIUS checks the credentials against Active Directory. This is *not* the same as the machine logging into the domain. It is completely different. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog