How to authenticate computer before user log on, NPS Server Windows XP (SP3) Windows 7
Posted on 2011-05-11
i have to set up 802.1x in my company, we are running with Windows Server 2008 R2.
All the machines will use wired connection to communicate with NPS Server.
In my company we have many requirements regarding networking rules.
1) We must have a local (non-domain) adminisrator account to manage any computer
2) We remotely take control of clients for maintenance purposes
3) We load scripts immediately after user login so as to mount personal network storage
4) The vlan must be dynamically assigned according to the user account
I succeded in setting up the authentication through a domain user account, the problem is that the machine machine is placed on the network only a few minutes after the openning of the account, time during which the script is launched without having the network. So when the computer gets the network we can't see the attached network storages.
An other problem is when users who never openned a session can't open a session because the machine is not on the network and is not able to contact domain controller.
To fix all those problems i am thing about authenticating the machine before user log on, but i don't find any clear guide on the net that could help me to solve the problem, do i need to user certificate, if so how to deploy it. I try to deploy some computer certificate, but after creating template i can't see them when i want to issue them in "certificates templates"
Also my Certification Authority and Domain controller are on the same machine.
Thanks for helping me.