![]() I got it running in my lab with Active Directory fine-grained password policies.ġ.) Raise functional domain level to Windows 2008Ģ.) Follow the step-by-step guide (WS.10).aspx to create a PSO which does NOT have complex password settingsģ.) Create an OU, e.g. When I trigger 802.1x authentication at a supplicant, NPS does not find the device (MAC-Address) in AD. Created a simple objekt by means of an ldifde.exe importĭn: CN=001b21******,OU=ethers,DC=dot1x,DC=com Created a new structural class"myieee802Device", based on the abstract class "ieee802Device" I have tried to get this working (with no success.), unfortunately I did not find any guidelines on the web how to accomplish this. The guide mentions the use of the 'ieee802Device' class that is build into Windows Server 2003R2 and above. According to (MAC Authentication Bypass Deployment Guide as of May 2011), when you use Microsoft NPS, you cannot simply add MAC-Adresses as Active Directory user objects if your domain has strict password enforcement policies (because passwords are not allowed to match usernames under that circumstances).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |