<html><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><br></div>RADIUS.<div><br></div><div>I have been experimenting with using RADIUS to control access through wireless access points and have successfully connected a bunch of Airport Extremes to Microsoft Internet Authentication Server (IAS). IAS provides a RADIUS type service that can be integrated with Active Directory if you choose to do so.</div><div><br></div><div>Using a mixture of access policies it would be possible to restrict access to particular users in particular areas at certain times. RADIUS can be used to control access to wired networks as well as wireless, the basic protocol involved is 802.1x.</div><div><br></div><div>Experimentation in this has been "blogged" at</div><div><br></div><div><span class="Apple-tab-span" style="white-space:pre"> </span><a href="http://wiki.creative.auckland.ac.nz/groups/itstaff/wiki/08b90/Microsoft_IAS__Apple_Airport__Mac_OS_X_and_Vista.html">http://wiki.creative.auckland.ac.nz/groups/itstaff/wiki/08b90/Microsoft_IAS__Apple_Airport__Mac_OS_X_and_Vista.html</a></div><div><span class="Apple-tab-span" style="white-space:pre"> </span>(draft)</div><div><br></div><div><br></div><div>Other AD approaches.</div><div><br></div><div>The policy stuff I sent originally works with Macs that are members of the AD -ie. you can apply group policy to OUs containing Mac computers and the policy will be honoured by the directory. I applied the "Allow log on locally" policy described at</div><div><br></div><div><span class="Apple-tab-span" style="white-space:pre"> </span><a href="http://itadmin.creative.auckland.ac.nz/FAQ/Network/ActiveDirectory/restrictAccessPolicy/">http://itadmin.creative.auckland.ac.nz/FAQ/Network/ActiveDirectory/restrictAccessPolicy/</a></div><div><br></div><div>and a MacBook Pro (10.5.6) joined to the local AD would only allow people in the specific groups I defined to log on.</div><div><br></div><br><div apple-content-edited="true"> <span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Monaco; font-size: 10px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-align: auto; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Monaco; font-size: 10px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Monaco; font-size: 10px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><span class="Apple-style-span" style="border-collapse: separate; color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><div style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><div><div><font class="Apple-style-span" face="Monaco" size="2"><span class="Apple-style-span" style="font-size: 10px; ">Mat</span></font></div><div><font class="Apple-style-span" face="Monaco" size="2"><span class="Apple-style-span" style="font-size: 10px; ">--</span></font></div><div><font class="Apple-style-span" face="Monaco" size="2"><span class="Apple-style-span" style="font-size: 10px; ">Matiu Carr <<a href="mailto:m.carr@auckland.ac.nz">m.carr@auckland.ac.nz</a>></span></font></div><div><font class="Apple-style-span" face="Monaco" size="2"><span class="Apple-style-span" style="font-size: 10px; "><br class="webkit-block-placeholder"></span></font></div><div><span class="Apple-style-span" style="font-family: Monaco; font-size: 10px; ">IT Manager</span></div><div><font class="Apple-style-span" face="Monaco" size="2"><span class="Apple-style-span" style="font-size: 10px; ">National Institute of Creative Arts and Industries</span></font></div><div><font class="Apple-style-span" face="Monaco" size="2"><span class="Apple-style-span" style="font-size: 10px; "><br class="webkit-block-placeholder"></span></font></div><div><font class="Apple-style-span" face="Monaco" size="2"><span class="Apple-style-span" style="font-size: 10px; ">+64 9 3737 599 x86511</span></font></div><div><font class="Apple-style-span" face="Monaco" size="2"><span class="Apple-style-span" style="font-size: 10px; "><a href="http://www.people.auckland.ac.nz/Mat/">http://www.people.auckland.ac.nz/Mat/</a></span></font></div><div><br></div></div></div></div></span></div></span><br class="Apple-interchange-newline"></div></span></div></span> </div><br></body></html>