Authenticate computers with their hostnames

Difan Zhao difan.zhao at guest-tek.com
Tue Apr 20 00:41:01 CEST 2010


Phil, thank you very much for reply! I think you are right. I just tried
to change the authentication type to MD5 and then the laptop doesn't
even try to authenticate with hostname anymore. It seems it has to use
PEAP for this type of authentication. 

I will try setup NTLM and see if that works. Thanks again!

Difan Zhao
Network Engineer
difan.zhao at guest-tek.com
www.guest-tek.com
Office: 403-509-1010 ext 3048
Cell: 403-689-7514
-----Original Message-----
From:
freeradius-users-bounces+difan.zhao=guest-tek.com at lists.freeradius.org
[mailto:freeradius-users-bounces+difan.zhao=guest-tek.com at lists.freeradi
us.org] On Behalf Of Phil Mayers
Sent: Sunday, April 18, 2010 3:54 AM
To: freeradius-users at lists.freeradius.org
Subject: Re: Authenticate computers with their hostnames

On 04/16/2010 10:37 PM, Difan Zhao wrote:
> Users file:
>
> host/neteng-sp1.gtcorp.com Auth-Type := Accept

That won't work I think. The hosts are expecting to do EAP/PEAP+MS-CHAP 
(or EAP-TLS) and you'll need appropriate server-side auth mechanisms to 
issue the correct challenge/response values.

That is, you need to setup auth against their machine account 
credentials or certificates.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list