> For your case 1): depends. If there actually is a user cert on the client's > box and its CN does not contain an @, same as above applies. If their CN does > contain an @, well, then you are pretty much lost. Shouldn't be many though. >
No certs on users boxes, completely vanilla installs... Well as vanilla as a students laptop can be ... vanilla + Azureus + Kazza + Spyware >Not that I can think of. You shouldn't be able to coax a supplicant >onto >a network by munging authentication (this is a *good* thing). >josh. Yes it is I suppose :) This is what I suspected... I was planning on just sending an Access-Accept EAP packet and seeing what happened. But i'm guessing even if it did work (due to microsoft supplicant being horribly broken) it would go against quite a few RFCs, and wouldn't really make a good case study for JRS ;) Thanks for both your replys :) -- Arran Cudbard-Bell ([EMAIL PROTECTED]) Authentication, Authorisation and Accounting Officer Infrastructure Services | ENG1 E1-1-08 University Of Sussex, Brighton EXT:01273 873900 | INT: 3900 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
