AW: EAP TLS Computer Authentication XP the final Solution *working great after a hard fight* Solution inside

Krämer Armin Kraemer.Armin at web.de
Sat May 20 12:30:31 CEST 2006 


-----Ursprüngliche Nachricht-----
Von: Krämer Armin [mailto:Kraemer.Armin at web.de] 
Gesendet: Samstag, 20. Mai 2006 12:04
An: 'misch at multinet.de'
Betreff: AW: EAP TLS Computer Authentication XP the final Solution *working
great after a hard fight* Solution inside

Hi, i read your artikel at this magazine and it was quiete helpful, the only
thing didnt working was machine certificate but like I described at my last
post the only thing I struggled was XP Clients needing the full DN at this
place I described and the CN as Computername and how to import them
correctly. The ldap setup of you were really helpful. Thanks to you. 

Greetings from Baden Würtemberg 

Armin 

-----Ursprüngliche Nachricht-----
Von: misch at multinet.de [mailto:misch at multinet.de] 
Gesendet: Samstag, 20. Mai 2006 09:23
An: Krämer Armin
Betreff: Re: EAP TLS Computer Authentication XP the final Solution *working
great after a hard fight* Solution inside

Am Samstag, 20. Mai 2006 09:01 schrieb Krämer Armin:
> Hi,
>
(...)
> An CA created with TinnyCA as frontend for openssl, freeradius @debian
> stable with EAP-TLS Support, LDAP-Backend for Dynamik VLAN Assignment
> Rules, VLAN Routing @ an Layer 3 Core Switch and finaly Clients
> 200,X?,Linux duing firstly an Machine Authentication(*tricky but
possible*)
> pulled into and basically VLAN with the DHCP,DNS and ADS Servers in an
> separate Subnet and VLAN, then Users can log onto the domain, getting
their
> final
> User-Certifikate, thrown into their final working vlan and getting the
> final Subnet from the DHCP. This workes now great put firstly only the
main
> problem, the machine certificates.

Hi,

I did this setup (LDAP, VLAN, Certs, ...) and wrote an article in the German

Linux Magazin 01/05. All problems you list are more or less described there.

Sorry, that I did not read the beginning of this discussion. So I could have

helped you before.

Greetings from Munich,

Michael Schwartzkopff

More information about the Freeradius-Users mailing list