Design question
Dan Letkeman
danletkeman at gmail.com
Fri Feb 3 15:08:54 CET 2012
Ok, so there are two problems with these scenarios in our environment.
We do not run AD, we run eEdirectory, and the computers are not
assgined to the users, they are all shared computer labs. This is why
having separate certs for each machine is impossible as we would have
to go around and install each cert manually on each machine. I think
I am stuck with using at best using the same cert for each computer
lab.
I think that would make more sense.
Dan.
On Fri, Feb 3, 2012 at 7:33 AM, Alan Buxey <A.L.M.Buxey at lboro.ac.uk> wrote:
> Hi,
>
>> Personally we (plan to) use PEAP/MS-CHAP, and check the machine account
>> against AD using ntlm_auth.
>
> this is what we do for machine authentication (wired/wireless)
>
> alan
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list