Post-Auth LDAP with computer names rather than usernames
Matthew Newton
mcn at freeradius.org
Fri Oct 19 23:39:33 CEST 2018
On Fri, 2018-10-19 at 23:31 +0200, Hans-Christian Esperer wrote:
> On Fri, Oct 19, 2018 at 09:13:38PM +0100, Matthew Newton wrote:
> > If the computer name is there, you can use it. If it's not there,
> > then... you can't. Closest approximation might be the MAC address
> > in
> > Calling-Station-Id, maybe.
>
> Hmm, MAC addresses are not cryptographically signed, though...
> Meaning you
> can't rely on them to be genuine.
Never said it was a good replacement, just a close approximation.
Sometimes you have to work with what you've got.
--
Matthew
More information about the Freeradius-Users
mailing list