PowerBroker Identity Services – Open Edition git repository: git://source.pbis.beyondtrust.com/pbis.git
Windows Machine Authentication:
A few very helpful links to me:
Many corporation deploy 802.1x machine authentication, because it's more secure than username authentication. Here's a guide of how to do such authentication.
The basic idea is that when a machine joins an AD domain, DC generates a password corresponding to that machine name. The password is transparent to administrators, but an open source software "likewise open" can get this password. So we can use machine name and password to do a 802.1x machine authentication, with PEAP-MSCHAPV2, other than EAP-TLS certificate.
The client is configured to provide some form of credentials when it connects to an 802.1x network. These credentials could be in the form of a username/password, machine account/password, certificate, or a number of other lesser used credentials.