Hi, Yes i have. As I wrote for normal AD computers is it working fine. But I want it also for non AD computers with 802.1X User only.
In the radius request for the machine auth. the Username attribute is host/<computername>. [http://www.dezb.nl/content/dam/zeeland/zeeuwse/bestanden/logo-zb-email.jpg] [cid:[email protected]] Martijn Langendoen netwerkbeheerder [email protected]<mailto:[email protected]> [cid:[email protected]] 0118 654307 [http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/facebook.jpg]<https://www.facebook.com/dezbnl>[http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/twitter.jpg]<https://www.twitter.com/dezbnl>[http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/linkedin.jpg]<https://www.linkedin.com/company/dezbnl>[http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/instagram.jpg]<https://www.instagram.com/dezbnl>/dezbnl www.dezb.nl<http://www.dezb.nl/> [cid:[email protected]] Kousteensedijk 7 4331 JE Middelburg Postbus 8004 4330 EA Middelburg Van: Baptiste Leroy via PacketFence-users <[email protected]> Verzonden: 24 May 2022 22:49 Aan: [email protected] CC: Baptiste Leroy <[email protected]> Onderwerp: Re: [PacketFence-users] 802.1X user authentication but not machine. Hello. Did you create an authentication source ? You have to create an authentication source Type Active Directory with sAMAccountName as search attribute (this is the value by default anyway) Le mar. 24 mai 2022 à 22:04, Martijn Langendoen via PacketFence-users <[email protected]<mailto:[email protected]>> a écrit : Hello all, I have 802.1x implemented in the network and is working fine with laptops that are in de (onprem) AD with an account and the user as well. Now I get laptops (BYOD) for example but with Azure AD account (for example intune laptops) and I want only the 802.1X user authentication and not the machine auth because that fails and my cisco switch is blocking that port in this situation. In PF I make already an radius filter that if the username begins with host/ (the user-name is the computername with in the beginning host/<computername> ) then send a radius accept but this never happend. So has anyone a clue? [http://www.dezb.nl/content/dam/zeeland/zeeuwse/bestanden/logo-zb-email.jpg] [cid:[email protected]] Martijn Langendoen netwerkbeheerder [email protected]<mailto:[email protected]> [cid:[email protected]] 0118 654307 [http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/facebook.jpg]<https://www.facebook.com/dezbnl>[http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/twitter.jpg]<https://www.twitter.com/dezbnl>[http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/linkedin.jpg]<https://www.linkedin.com/company/dezbnl>[http://www.dezb.nl/content/dam/zeeland/zeeuwse/icoontjes-social-media/instagram.jpg]<https://www.instagram.com/dezbnl>/dezbnl www.dezb.nl<http://www.dezb.nl/> [cid:[email protected]] Kousteensedijk 7 4331 JE Middelburg Postbus 8004 4330 EA Middelburg _______________________________________________ PacketFence-users mailing list [email protected]<mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
