Re: 802.1x machine authentication without directory
- From: MC <nospam@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 31 Oct 2006 02:53:58 +0100
Hi Michael,
If I understand what you are trying to do correctly, you're running into the problem that a lot of radius servers and IAS don't work on an NT4 domain.
A tip I found earlier: Funk Software's Odyssee Server is great and simple for WLAN only use (RADIUS). Can authenticate against an NT4 domain specifically.
An other option (but I have not tried it myself, nor looked into it in-depth) seems to be that you could plug samba 2.x in your domain with a win2k client machine to provide the translation of NT4 domain authentication to LDAP (which can then be used for the RADIUS). At the very least this sounds rather tricky to set up but might be an option if nothing else works.
HTH
MC
michael.owen wrote:
Hi all,.
I've been looking into a small-scale 802.1x rollout, and have encountered something of a problem. The systems on the network I'd be NAC-ing are XP boxes which are members of an NT4 domain, with all users authenticated at the domain level. (No local accounts are typically used.) I was hoping to use machine authentication, but it seems as though most RADIUS servers only support machine auth when they have a directory (typically AD) to confirm the membership of the supplicants.
- Follow-Ups:
- Re: 802.1x machine authentication without directory
- From: Michael Owen
- Re: 802.1x machine authentication without directory
- References:
- 802.1x machine authentication without directory
- From: michael . owen
- 802.1x machine authentication without directory
- Prev by Date: Re: 802.1x machine authentication without directory
- Next by Date: Re: 802.1x machine authentication without directory
- Previous by thread: Re: 802.1x machine authentication without directory
- Next by thread: Re: 802.1x machine authentication without directory
- Index(es):
Relevant Pages
|
