EAPOL, VLANs and network drives

[Oleksandr Darchuk <o.darchuk () wucb lviv net>]

Hello.
Sorry for possible offtopic, but as I see,  people in this mail list 
work with some network features and possible will help me with some advices.
I decided to separate my network on some VLANs.  But users in our office 
migrate too fast and to often, that's why  I try to bound VLAN ID to 
username, not to fixed port on switch. I use EAPOL with RADIUS for that. 
When user bypass  EAPOL auth, RADIUS server sends attribute 
Tunnel-Private-Group-ID = X and switch (I use Nortel BayStack) mark port 
as VLAN X untagged member. It is rather smart configuration, because 
when user migrate in other department I just change RADIUS file and 
don't need to find new port on swith and reconfigure it. Everything 
works fine, but I have problem with Novell login/network drives. When 
computer turn on,  NetWare client run login script _during_ users loging 
into WinXP/Win2K and it's _before_ EAPOL auth. That's why user can't map 
network drives and need to relogin.
So, can anyone give me some advice how to fix it: e. g. to set VLAN ID 
in other way? Or to reconfigure EAPOL client? Or RADIUS server (btw I 
use freeradius). Is it possible that my configuration will work when use 
Microsoft radius beside freeradius and use Windos AD  besides NetWare? 
Possible somebody work with EAPOL more familar? At least reccomend me 
other maillist.
Sorry for pure English and thanks for all advises.


---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------