20 Oct
2009
20 Oct
'09
2:46 a.m.
Doc Phillips wrote:
I'm trying to prevent rogue devices from connecting to production and obviously only allow valid users & devices. The current setup states members of domain computers or domain users are allowed to auth against the radius server. Do you know if its possible through freeradius to allow these devices AND these users only?
Yes. FreeRADIUS can do machine && user authentication against Active Directory, using Samba.
We're using eap-peap-mschapv2 as our current authentication method. Is there a way using --require-membership-of to combine users AND groups perhaps through some type of regular expression?
I'm not sure what that means. Alan DeKok.