Can you please send steps, I am also trying to so the same.
Rakesh ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of rick wiltshire Sent: Sunday, September 23, 2007 4:48 PM To: [email protected] Subject: Support for SSO Active Directory & PEAP-MS-CHAP-v2 Dear All, I need help with dot1x implementation in an Enterprise LAN. Our target is to authenticate and authorize users based on their identities (domain user names) as well as applying GPOs on users. Our authentication Backend is: Active Directory Our Authorization & Accounting is done by: freeRADIUS Authorization Attributes control VLAN assignment (hence, IP address pool) Required Authentication EAP-Type : PEAP & MS-CHAP All Clients are using WinXP supplicant. I managed to implement PEAP&MS-CHAP with this setup however with users who have cached credentials on their PCs. If the user logs on the PC for the first time, he fails to reach the active directory to authenticate since the connection is not yet authorized. So what I need is get the computer authenticated and assigned an IP address and then authenticate the user in a following phase while the connection is up. Any clues with authenticating domain machines using freeradius and active directory implementation? Attention: Any non-official business related views, opinions and other information presented in this electronic mail are solely those of the sender/author. Burgan Bank does not endorse or accept responsibility for their opinions. If you are not the addressed indicated in this mail or responsible for delivering this message to the intended, you should delete this message and notify the sender immediately. ------------------------------------------------------- Burgan Bank S.A.K www.burgan.com
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
