PEAP Machine Auth without NTLM or LDAP
Phil Mayers
p.mayers at imperial.ac.uk
Fri Jan 27 23:31:45 CET 2006
Jérémy Cluzel wrote:
> Hello,
>
> I want to do machine auth with PEAP for my laptop before windows logon.
> I managed to do it with "ntlm_auth" before, but this time, I've another
> problem, there is no PDC.
If there is no PDC, there's no domain, so there *is* no machine account.
You could use a machine certificate and EAP-TLS, but limitations of the
winxp built in supplicant mean you'd have to also use EAP-TLS for the
users as well.
> So, is it possible to use the "users" file instead like this:
> "computer_name" User-Password == ""
>
> (As far as I remember it was impossible...)
It is, because there is only a machine account if there is a domain (in
which case there is a PDC)
>
> Any suggestions ?
>
> Regards,
>
> Jeremy Cluzel
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list