[strongSwan] Windows 10 DeviceTunnel and rightid via LDAP/AD or RADIUS?
tobias at strongswan.org
Wed Jun 26 10:25:38 CEST 2019
> This work as expected but all clients have to have certificates where the DN is part oft he same LDAP-tree
You could add multiple connections (using `also=<existing connection>`)
each with different remote identities.
> Is there a possibility to extend the authorization with group memebrship
> coming from LDAP/AD or RADIUS?
Not if you don't authenticate against RADIUS , which is not possible
with machine certificates, only via EAP-TLS, which relies on user
certificates on Windows.
More information about the Users