Are you using IAS for your RADIUS server? If so, what you may be
running into is just Windows XP's helpful
bring-the-login-box-up-before-the-network-is-ready feature. Windows
2000 and below wouldn't show you the login box until the network
connections had been completed, however Windows XP will show it before
its done. This, combined with eager users, means that a login attempt
will occur before the machine can contact a domain controller, resulting
in the use of cached credentials, etc.
Unfortunately I can't remember or put my finger on document that lists
the exact registry key at the moment, but there is a registry key in XP
that you can set that will change the behavior so that the login window
is *not* displayed until XP has brought up all the network connections,
including 802.1x authenticated connections.
--Mike
Katie Rose wrote:
At Notre Dame, we're finding some issues when using 802.1x on
computers that belong to our Active Directory domain. The
authentication to access the wireless network appears to happen after
the user has actually logged into the computer, so some GPOs to manage
the computer don't get applied properly during login. Is anyone else
seeing this issue? If so, how are you handling it?
Thanks in advance,
Katie Rose
University of Notre Dame - OIT
**********
Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
