Solved

Windows XP: PEAP pre-logon authentication, active directory.

Posted on 2008-10-20
5
2,546 Views
Last Modified: 2013-11-12
Hi,
We got an Cisco WLC 4404 running 5.1.151.0. We are using PEAP with MS-CHAPv2, the Clients are running Windows XP SP3. The wireless configuration is distributed via group policy.
Is there a way to authenticate the users before the log on to the domain? Maybe this is possible via the machine account? Thanks.
 
0
Comment
Question by:mchammer7
  • 2
5 Comments
 
LVL 25

Expert Comment

by:slam69
ID: 22975451
No way to authenticate before they get onto the domain

what are you trying to achieve?
0
 
LVL 25

Accepted Solution

by:
slam69 earned 500 total points
ID: 22975469
You can use dial up networking which means they will always authenticate to teh domain for connection or you can use cached crednetials to log onto teh machien but you cant authenticate the users for domain entry until they are logged onto teh domain as you could have a machine thats out in teh field for months and might have leavers credenatils on it that would authenticate at machine level but wouldnt then be valid against AD
0
 

Expert Comment

by:jbrophy11
ID: 24498200
I know what you're  trying to accomplish and I have a solution. Instead of authenticating the clients using the user credentials, use Computer Account credentials.

You'll need to setup a Wireless Network that uses PEAP authentication, then use IAS (Radius) on a Domain Controller and setup the authentication to use the Computer Account. The computer account credentials are set automatically when the PC joins the domain...so don't waste time trying to figure how to set the computer account password, just select the option on the client side to Authenticate as Computer.

I can provide additional details if need be, let me know if this helps.

ps - We're doing the same thing in our environment so Wireless laptop users can access network resources prior to logging into the domain......allowing for the client to actually accomplish a full Active Directly logon executing scripts and software distribution etc.....
0
 

Expert Comment

by:YoweighNOLA
ID: 25851646
I know this thread is old, but I'd like those additional details, please. Is there a way I can contact jbrophy11 directly?
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you have done a reformat of your hard drive and proceeded to do a successful Windows XP installation, you may notice that a choice between two operating systems when you start up the machine. Here is how to get rid of this: Click Start Clic…
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question