Hi Allen,
in fact it´s really simple, when you join a domain with a windows
machine then a machine account is created.
So in the 802.1x supplicant (windows side) you can choose to do machine
and user auth.
So when the computer start, it do machine auth and when the user enter
his username and password then a new 802,1x connection is done with the
user credential (when you logoff then it become machine auth).
Where the config you have to do in packetfence:
https://github.com/inverse-inc/packetfence/blob/stable/docs/PacketFence_Administration_Guide.asciidoc#example
Also check
https://github.com/inverse-inc/packetfence/blob/stable/lib/pf/vlan/custom.pm
to enable autoreg ( shouldAutoRegister).
Regards
Fabrice
Le 2014-11-22 18:09, Steve Allen a écrit :
Hi Durand
Could you expand on what that is?
I've not come across that yet
Thanks
Steve
On 22 Nov 2014 14:29, "Durand fabrice" <[email protected]
<mailto:[email protected]>> wrote:
Hi,
why don´t you use machine authentication and user authentication
with autoreg enabled ?
Regards
Fabrice
Le 2014-11-22 04:47, Steve Allen a écrit :
Hi
We are a few months away from rolling out PacketFence to our
network and I would like to make sure we are following the best
practises to ensure it is as secure as possible.
At the moment we have tested and it works great with Cisco 2960
switches and 802.1x.
My next testing is it use laptops that are connected to a Windows
Server 2008r2 domain.
Currently the laptops have very limited access when they boot up
as they start off in the registration VLAN.
My question today is regarding computer start up group policies
on domain machines.
I have read you can change some group policies settings so when
the users presses ctrl,alt+del and logs in with their AD username
and password this also "triggers" the 802.1x process to put them
in the correct VLAN. This is obviously after the computer has
booted up.
Does anyone have any documentation on what I need to allow in the
registration VLAN so I don't break Group Policies start up policies?
Thanks,
--
Regards,
Steve Allen
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and
Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration
& more
Get technology previously reserved for billion-dollar
corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
