Hi Allan, Matthew, et al.
So if OSX and Chrome "just work", then it's because someone is configuring it.
All respect guys, but these are dozens of K-12 student-owned BYODs. They haven't received any configuration and they all work out of the gate as operated by a 12 year old. I don't need to be right, but I don't know enough about what I've configured to understand how it is working; do you have any other ideas? It makes sense to me that Win10 is being finicky about a cert, but since installing one on these student-owned machines is something I want to avoid, I want to get to the bottom of OSX's success in case it's replicable.
"it just stops". 99% of the time it's a certificate issue.
Did you look at the end of my "failed bind" debug? Is that what this looks like for sure? Is there any additional logging I can get besides `-X`? Thanks, Evan On Tue, Sep 15, 2020 at 6:56 PM Alan DeKok <aland@deployingradius.com> wrote:
On Sep 15, 2020, at 6:49 PM, Evan Sharp < evan.sharp@coastmountainacademy.ca> wrote:
The CA cert used by FreeRADIUS isn't configured on the Windows machine.
Does that cert come pre-configured in MacOS and ChromeOS?
No.
These are BYOD computers so I haven't touched them, but all the Mac clients have been plug-and-play.
Someone poked something.
For the last 3-4 years, OSX will *not* allow users to configure TTLS with certificates via the GUI. Instead, it has to be done via a mobileconfig file, or provisioning tool.
So if OSX and Chrome "just work", then it's because someone is configuring it. They require some kind of configuration changes before they "just work".
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html