hi, hoping that their password for their PC account is the same as you have in LDAP or AD... hwta you need to do is enable the nt fix stuff in the mschap module etc - and then ,when doing auth, use the stripped username, dont use the mschap:username etc - this will be a plain user name without the domain part.
best idea? ensure they;ve configured their machine correctly rather than hacking up the authentication server just because you can - or else you'll be a slave to fixing up things for every future wierdnedd that comes your way. (use .Net, powershell, VB or even C to write a small 'setup tool' for your Wireless that configures the profile correctly and drops the cert required into place - let the RADIUS server do what it does as it should) alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

