802.1x client question
Alan DeKok
aland at ox.org
Tue Oct 11 00:28:56 CEST 2005
Michael Schwartzkopff <misch at multinet.de> wrote:
> Forget M$. Windooze is not able to do authentication BEFORE logon. Only after
> logon the possibilty to authenticate to the network exists. So much to the
> logic of M$.
Apparently Samba 3.0.21 will contain patches to ntlm_auth that allow
it to do machine authentication for PEAP sessions. I haven't tried it
myself, but it might work.
I *do* know that using EAP-TLS for machine authentication works,
once the magic "extended attribute" is added. See
"scripts/xpextensions" in the current CVS snapshots.
Alan DeKok.
More information about the Freeradius-Users
mailing list