Thank you for the generous stuff @BrothersTM. For RADIUS, I will be correct. I played a lot with NPS, when I was working on my MCSA 2008R2. By the way ; I'm not sure AD is aware of MAC addresses. So far ; my understanding of AD is, it does authentication by username and/or computer ID. The username/password is manually provided by a user. The computer account (with automatic password) is automatically generated when the Workstation is added to the domain. When the station is added to the domain, it is said that a "trust" relationship is established between the Domain Controller and the Workstation ; that's a security level, which is not based on MAC address. My understanding of 802.1x Port-based authentication is ; basically, it asks to RADIUS if a switch port can be opened (or not), by verifying of the credentials of the computer (or the user using it). That process does not necessarily need to take into account of MAC-Adresses. In conclusion. MAC-Based Access Control and Port-Based Access Control could be two different issues. One next subject I will need to investigate. How a workstation not belonging to AD could authenticate (Port-Based) with a RADIUS server (using AD) ?
... View more