> xp machine sends its machine auth to radius it sends
> host/machinename.activedirectorydomain.domain.domain. so freeradius
> takes the activedirectorydomain part of that and assumes that the
> domain's actual name (what you use for authentication) in our
> case....blame the windows people, that is NOT the case. example
> computer.ad.clarku.edu is the dns name...however that computer is
> actually joined to the CLARKU domain..so the authentication needs to be
> against the CLARKU domain as the AD domain doesn't exist. does that
> make sense? any ideas?
well, you can use regexp/attr_filter to look for these systems
and then just chop off the activedirectorydomain.domain.domain. part
thus allowing the AD REALM to be forced by yourselves.
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html