How to setup Freeradius in a Domain

Alan Buxey A.L.M.Buxey at
Wed Jul 13 11:00:56 CEST 2011

> I had to uncheck validate certificates on the client. I also had to uncheck
> use logon on username and password so it would ask me for the credentials.
> The server does not like when the client sends domain info. On the server
> side I had to change the users file so it doesn't include the Auth-Type as
> previously recommended.
> My Question is on my PC's Winows 7 and Windows XP clients.  How do I get my
> user to work in a domain environment with PEAP and EAP-TLS so that I don't
> need to manually login with my client.  This would be the preferred way for
> us to authenticate to the network.  This is how we do it with our Windows
> 2003/2008 Servers.

bind your FreeRADIUS into the AD and use the NTLM and AD login stuff. the FreeRADIUS
server is quite able to handle these - you just need to configure it to do so...if
you dont, then yes, you cant login with your AD identity - we happily do this with
the machine identity for our local people on our 802.1X wireless network (and wired network)


More information about the Freeradius-Users mailing list