[Help] Is that possible to change the reject message that appears at the Windows Pop Up
Olivier Beytrison
olivier at heliosnet.org
Mon Mar 18 16:53:44 CET 2013
On 18.03.2013 16:48, Danny Kurniawan wrote:
> Hi All,
>
> So i have been able to authenticate my wireless user using 802.1x + LDAP
> + MAC address (using CallingStationID attriubute). So now for example
> when user A have MAC 11:22:33 but tried to login using another device
> there will be a pop up window when they try to connect - just a plain
> error popup saying "Unable to connect". Is there any way we can
> customize this error from radius? or should be from the wireless AP?
>
> So below is the unlang code that i use to check whether the user have a
> set of MAC address in their ldap profile or not
> if(!control:Calling-Station-Id){
> reject
> }
>
> Possible to have that reject command to return some code that Windows
> client can understand like "No MAC address" etc?
>
> Thanks in advance
> Danny
you could send back a reply-message.
But it is forbidden if you are doing EAP.
And anyway, Micro$oft is not paying attention to it and will disregard it.
so no, you can't send a message to the user.
Olivier
--
Olivier Beytrison
Network & Security Engineer, HES-SO Fribourg
Mail: olivier at heliosnet.org
More information about the Freeradius-Users
mailing list