We were not able to figure out a way to force Windows to reprompt users for their passwords so we just educated them as simply as possible on how the authentication process works so that they would be able to identify and correct the problem on their own. Unfortunately by the time the users get to change their passwords some of them completely forget about the fact the their credentials need to be deleted. Amazingly enough though, we've only got a couple of trouble tickets that have been related to that specific issue.
To delete credentials we provide the options to do it either through a script that we made available online, or asked them to delete the SSID from their preferred networks and then reconfigure it. Finally, when a user changes his/her password, they get a message reminding them of the issue and a link to our documentation for more information and instructions. Hope it helps. Hector Rios Telecommunications Analyst, NI LSU Information Technology Services From: Kobiske, Rob [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 31, 2007 11:13 AM To: [email protected] Subject: [WIRELESS-LAN] 802.1x and password changes I was wondering how others handle account password changes and wireless. The problem we seem to be running into is if a user changes their password and then tries to connected to wireless, windows will try to connect using the old cached username and password but will fail, and never reprompts them for their new password. According to KB823731 (http://support.microsoft.com/kb/823731), by design, the cached credentials are not deleted and do not time out unless the user fails to authenticate or the wireless network is removed from the preferred list. This does not seem to be the case for us. Windows never reprompts for the password when the user fails to authenticate. Has anyone been able to find a way to force windows to reprompt when the username and password fail, or has everyone been instructing users to delete the registry key that KB823731 talks about? We are running IAS for our RADIUS servers. Thanks, Rob Kobiske University of Wisconsin Stevens Point ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
