djhawthorn
Technical User
Hello,
I want to secure a LAN and all PC's with a 802.1x technology (EAP-TLS). This works fine when the OS is active because the supplicant is managed at the OS level and the supplicant can communicate with the authenticator.
However, how would I go about automating the installation of a certificate during the RIS install of a machine?
Scenario: when the machine PXE-boots and is requested for its certificate, it will not respond. For the text mode setup this won't be a problem, as we will redirect these clients to a quarantine network, where the RIS servers will reside. However, GUI mode setup (when the machine needs to join the domain) I need it to be on the production network; thus it will need a certificate by this time.
Is there a way to get around this?
Ideas/suggestions?
Thanks heaps.
![[ponder] [ponder] [ponder]](/data/assets/smilies/ponder.gif)
The dumber they think you are, the more surprised they'll be when you kill them! ![[machinegun] [machinegun] [machinegun]](/data/assets/smilies/machinegun.gif)
![[rofl2] [rofl2] [rofl2]](/data/assets/smilies/rofl2.gif)
I want to secure a LAN and all PC's with a 802.1x technology (EAP-TLS). This works fine when the OS is active because the supplicant is managed at the OS level and the supplicant can communicate with the authenticator.
However, how would I go about automating the installation of a certificate during the RIS install of a machine?
Scenario: when the machine PXE-boots and is requested for its certificate, it will not respond. For the text mode setup this won't be a problem, as we will redirect these clients to a quarantine network, where the RIS servers will reside. However, GUI mode setup (when the machine needs to join the domain) I need it to be on the production network; thus it will need a certificate by this time.
Is there a way to get around this?
Ideas/suggestions?
Thanks heaps.
![[ponder] [ponder] [ponder]](/data/assets/smilies/ponder.gif)
![[laughtears] [laughtears] [laughtears]](/data/assets/smilies/laughtears.gif)
![[machinegun] [machinegun] [machinegun]](/data/assets/smilies/machinegun.gif)
![[rofl2] [rofl2] [rofl2]](/data/assets/smilies/rofl2.gif)