We are using PPs as a radius proxy with windows AD 2012. There are 3 different domains that are authenticating through the radius(different Auth servers). Is there a way for pps to understand the netbios name of the domain and not require the kerberos name?
The thing is that lets say on of the domains is aaa.bbbb.ccc, that is the kerberos name and the netbios domain is aaa. The only way for pps to understant the domian is by authenting with firstname.lastname@example.org but we want, if possible, to use domain\user. We'd want to have windows machines use the users login credentials to do .1x and it would be easier for the user if he could use the second format.
Has anyone faced that issue?
I haven't set this up, but in theory, what you can do is create a RADIUS REQUEST ATTRIBUTE policy based on the user-name attribute. You should be able to use a regular expression in the field to match whatever you want. Then, you apply that request policy to the specific user realm that has the correct authentication method you desire.
Hope that helps.
Global Escalation Manager