Hello,
What is the easiest way to block machine name auth requests to a Radius server but not blocking a domain userid on the same machine authenticating? I have noticed through captures that a lot of machines are trying to authenticate:
/snip
Aug 20 12:52:10 authmgr[1532]: <132207> <ERRS> |authmgr| RADIUS reject for station host/MACHINE712849.intl.domainname.com 08:11:96:d7:3d:6c from server RADIUS1.
Aug 20 12:52:22 authmgr[1532]: <132207> <ERRS> |authmgr| RADIUS reject for station host/MACHINE715323.intl.domainname.com 60:67:20:96:f0:62 from server RADIUS1.
Aug 20 12:53:04 authmgr[1532]: <132207> <ERRS> |authmgr| RADIUS reject for station host/MACHINE710161.intl.domainname.com 58:94:6b:35:59:2c from server RADIUS1.
/snip
I was to understand that through GP that "use machine name" had been disabled, but clearly it has not. I am trying to root this out of a wider radius timeout issue I am seeing to two servers that domain users of the above machines would use to connect.
I was looking at server rules within the 802.1x auth server group but was concerned that blocking/dropping an auth request woudl be associated with the MAC address and would therefore also block a domain user on the machine.
In short - is it possible to have the controller drop a radius request when the machine is trying to authenticate (which will never work) as opposed to a domain username, even on the same machine.
Thanks.