Restricting users to AD domain computers
p.mayers at imperial.ac.uk
Thu Oct 11 15:48:00 CEST 2012
On 11/10/12 12:55, Bryce Mackintosh wrote:
> Okay, ignoring how I currently have things setup, how would other people
> go about controlling the users and devices on a wifi network by means of
> 802.1x, freeradius using AD for authentication and Win XP Pro SP3
We don't bother. It's not obvious why "controlling the devices" is useful.
> clients. I'd have thought that this was a fairly common requirement in
> the enterprise world, so I'm surprised there's not an obvious solution,
> or am I missing something? At the moment it looks like we'll have to
> abandon 802.1x and go back to WPA2-PSK.
Eh? How does *that* help?
If you really want to do this, then:
1. Use machine auth for 802.1x
2. Use policies *on* the machines to control the users
More information about the Freeradius-Users