[email protected] wrote:
It is bad news, you say check mac address too
no way reject it simple without mac...
How much simpler can you get? You say that it is a problem that a user
with AD account gets access from an unauthorized machine. The only
answer is to check machine credentials. mac filtering is the simplest
thing you could posssibly do. People who consider this a real problem
use machine certificates. Or NAC.
Ivan Kalik
Kalik Informatika ISP
I just thought there is a setting which is usefull to differentiate the
HOST/username and DOMAIN/username
Thank you
Gabor
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
