Dumb question... In your 802.1x configuration on your Windows
laptops, you *do* have both "Authenticate as a machine..." and
"Automatically use my Windows credentials" enabled, yes?
--Mike
On Feb 1, 2007, at 1:26 PM, Lee Weers wrote:
My problem is there are no cached creditials on the machine. I don't
even make it as far in to get a pop up box, because as soon as I
select
OK I get the error of Domain is unavailable.
-----Original Message-----
From: Lee Badman [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 01, 2007 12:39 PM
To: [email protected]
Subject: Re: [WIRELESS-LAN] Problems with Windows 802.1x supplicant
On the login box- which is preceeded by "Click here to select a
certificate or other credential" balloon pop-up, we inititially shot
ourselves in the foot somewhat as part of our Novell client build
was a
registry tweak to disable such pop ups (this was done long before .1x
was even a twinkle in the eye). That little pop up is critical to
getting the initial login box. And to say credentials are cached
indefinitely may be stretching it- when users change their
passwords in
AD (or whatever) the cached credentials then become invalid (just
to be
complete).
Lee
Lee Badman
Network/Wireless Engineer
Syracuse University
315 443-3003
[EMAIL PROTECTED] 2/1/2007 1:28 PM >>>
I would think this would be a RADIUS /IAS Issue. I do ths almost
daily:
Add a temporary user to AD/ACS/RADIUS and log in with my WZC utility.
It prompts on the first login attempt for my uname/pw and to
verify the
cert. However, this box does not often show itself easily and
seems to
hide behind any window that happens to be open. clear all windows
from
desktop and during the auth process, continually click on the little
wireless icon in the task bar. This seems to force the window from
the
realm of invisibility. Once you do this, it will cash the credentials
indefinately. I've had varying degrees of success with the "clear
cached credential" registry change that msoft talks about...
How to remove cached user credentials that are used for PEAP
authentication in Windows XP
http://support.microsoft.com/default.aspx?scid=kb;en-us;823731
1. A laptop that belongs to our domain, but the user has never
logged into it before (so no cached creditentials exist) it errors
with the Domain is not available. If cached creditentials do exist
then they get logged in.
**********
Participation and subscription information for this EDUCAUSE
Constituent
Group discussion list can be found at http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE
Constituent
Group discussion list can be found at http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at http://
www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
