Options
Radius authentication question
When i use WAP-TLS as an authentication method for wireless, the user name that is sent is the principle name
username@mydomin.com
however when i use machine authentication the user name is sent as domain/hostname
Now I can still use the princible name if it is in the certificate, but i need the radius username to be in the host@mydomain.com as this is a requirement of a shared wireless network I am a member of.
So my question is, on windows 7 can you when using machine based authentication get it to send the user name in the principle name format?
Cheers
username@mydomin.com
however when i use machine authentication the user name is sent as domain/hostname
Now I can still use the princible name if it is in the certificate, but i need the radius username to be in the host@mydomain.com as this is a requirement of a shared wireless network I am a member of.
So my question is, on windows 7 can you when using machine based authentication get it to send the user name in the principle name format?
Cheers
- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com
Comments
-
Options
docrice
Member Posts: 1,706 ■■■■■■■■■■
I assume you meant "EAP-TLS" - the user and domain formatting is typically handled by the RADIUS server. FreeRADIUS, NPS, etc. should have the ability to convert between the user@domain and domain\user forms. I don't remember the specifics off-hand since it's been quite a while since I dealt with .1X, but this is a pretty common issue from what I remember.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/