Computer Logon with PEAP-MSCHAPv2
Sebastian Mauer
sebastian at n-unity.de
Sun Nov 13 15:55:09 CET 2005
Alan DeKok schrieb:
>Sebastian Mauer <sebastian at n-unity.de> wrote:
>
>
>>I found a lot of helpful HowTos and Documentations but never
>>managed to get Information about Computer Logons with PEAP.
>>
>>
>
> This was discussed very recently on this list. See the list archives.
>
> Alan DeKok.
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>
Hello!
I already read the thread about Domain Logons, but my case is a little
bit different.
I use Samba 3.x with LDAP as backend. I recently managed to get
FreeRadius working by using SambaNTPassword as Password Attribute for
EAP-PEAP Logins. Now I have the problem to get machines authenticated
too. I found Information that when Computer Logon is activated the
Machine tries to authenticate with its Machine Password. The domain
enabled machines are in ou=Machines,dc=rnet,dc=lan and their Machine
Password is stored too in a SambaNTPassword Attribute.
So it might work if FreeRadius is able to find the machine entry in
LDAP. The username for machines is machinename$ but I'm not sure what
username Windows sens if it tries to authenticate a machine.
Has someone set up a similar configuration?
Sincerely,
Sebastian Mauer
More information about the Freeradius-Users
mailing list