Machine account authentication progress?

Alan DeKok aland at deployingradius.com
Thu May 17 14:12:30 CEST 2007


Peter Savage wrote:
> Has anything happened in this area, to allow machine authentication
> against AD?

  It works.  It's worked for a long time.  See the ChangeLog for 1.1.0,
released over a year ago.

>  From reading the mailing list I believe it was a problem
> with ntlm_auth, is this any closer to getting fixed, if not, how do
> people work around it.  We have laptops here that authenticate against
> the domain if it's available, or locally if not.  There is a logon
> script if they are at the site.  How best I work round this?

  I'm not sure what you mean.

  So far as FreeRADIUS is concerned, "machine authentication" is just
like doing user authentication.  The machine uses 802.1x to get network
access, and FreeRADIUS checks the credentials against Active Directory.

  This is *not* the same as the machine logging into the domain.  It is
completely different.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog



More information about the Freeradius-Users mailing list