Restricting users to AD domain computers
brycedrm at gmail.com
Thu Oct 11 12:03:42 CEST 2012
I'm currently using FreeRadius to control access to our wifi network with
PEAP-TLS, and authenticating users against their AD accounts. I now need to
somehow additionally restrict the users wifi access to only the machines
that are joined to the Windows domain, and not phones, ipads, etc, and do
this in a reasonably secure fashion.
There are a couple of hundred laptops involved, so I'd like to avoid having
to do much in the way of client-side configuration, but I suspect that
client certificates may be the only answer. I've been searching for a
number of weeks, and I haven't found any other real solution.
Thanks in advance,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Users