locked
Mac authentication with Radius

    Question

  • I have a customer that has network access controls enabled on their switches.  The customer is wanting to do radius authentication.  Printers and other network devices that can not integrate with active directory.  Will Windows 2008 server that is setup with radius be able to do mac authentication for the network devices that have no active directory user account?

    Thanks

     

    Wednesday, November 18, 2009 2:01 PM

All replies

  • You can use MAC address authorization to accomplish this. Basically what you do is create a user account in AD using the device's MAC address, and then NPS can authorize the connection.

    For detailed deployment information, please see the NPS Technical Reference, specifically the topic "MAC Address Authorization," at http://technet.microsoft.com/en-us/library/dd197535(WS.10).aspx.

    Also please note that this is authorization, not authentication, and is not secure. It is not recommended that you deploy MAC Address Authorization for security reasons.

    Thanks --

    James McIllece
    Microsoft Corporation
    Friday, December 04, 2009 9:33 PM