windows users having trouble authenticating
Alan DeKok
aland at deployingradius.com
Tue Aug 3 21:00:08 CEST 2010
Sallee, Stephen (Jake) wrote:
>> The various EAP methods *should* have tied usernames (i.e. domains)
> to a field in the certificate. e.g. a cert with CN "radius at example.com"
>> should be sent logins for "user at example.com", but NEVER sent logins
> for "user at example.net"
>
> How does this workout with child domains? For example: I have two
> domains 1) umhb.edu and 2) Cru.umhb.edu. "Cru" is a child of
> "umhb.edu", if I get a single cert for FreeRADIUS.umhb.edu will it be ok
> for authenticating users on both umhb.edu AND Cru.umhb.edu?
I said it SHOULD have been that way. It doesn't work that way now.
There is NO tying of certificate CNs to user names.
Alan DeKok.
More information about the Freeradius-Users
mailing list