On Wed, Jul 15, 2009 at 1:52 AM, Ivan Kalik<[email protected]> wrote: >> Can I create a client cert for a computer so that any user that logs >> in may use it automatically under Windows XP? I have successfully >> created a client.p12 with the FQDN of the workstation I am using, >> installed it and been authenticated by Freeradius. However when I log >> in to the computer under a different windows profile authentication >> fails. > > Yes, that's how user certificates work. > >> How should I create this file and where do I place this cert so that >> it's available for any user logging on? > > The whole idea of user certificates is for this not to be possible.
Thanks for the reply Ivan, So are the following correct?: (1) I can create a single cert for a computer and distribute it to all users who may use that computer (2) I can create a cert for every user and distribute it to every computer that a user logs into. (3) I cannot create a generic "computer cert" that authenticates the computer and opens the port? Thanks! John - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
