Re: Freeradius + Kerberos + Windows clients
On Tue, Sep 03, 2013 at 05:12:16PM +0200, Wolfgang Schweer wrote:
> On Tue, Sep 03, 2013 at 04:16:48PM +0200, Giorgio Pioda wrote:
> > Unfortunately I still have several Win users. They should login
> > with EAP-TTLS.
> > I've read in several forums that there is no native support
> > for EAP-TTLS in Win. Many forums suggest either to use
> > SecureW2 supplicant (or others, like wpa_supplicant for win)
> > or to set up the Kcrap daemon on the freeradius server.
> > Well on Win 7, in the advanced options I've found the EAP-TTLS,
> > but is not working. (I expected NOT to find it).
> IIRC, this was still broken on win7; SecureW2 should work.
> You can download (and then adapt it, cause there's some German stuff
> inside) the last SecureW2 OSS version, somehow preconfigured for Debian
> Edu. (Win2000 and WinXP had to be treated somehow different, but I guess
> those are gone now.)
> (This was configured for machines used by different people, so the last
> user should not show up upon a new login.
> Good luck.
Do I have to regenerate the sha1 hash of the RootCA ?
Giorgio Pioda - Sysadmin SPSE-Tenero
Cell +41 79 629 20 63
Uff. +41 91 735 62 48