Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Windows 8.1 Wireless Authentication Single Sign On for EAP-TTLS

Posted on 2014-04-29
6
Medium Priority
?
5,456 Views
Last Modified: 2014-05-05
We need our Windows 8.1 client computers to logon to the wireless system prior to user authentication.  They now logon to the wireless with no issue after the user logs in.

This could be accomplished by creating a Wireless Network Policies GPO and pushing it to the wireless clients.

We use WPA2 enterprise, and EAP-TTLS but our servers are server 2008R2.
EAP-TTLS was added as a choice to Wireless Network Policies in GPOs in Server 2012, so it is not a choice when we create a GPO on our server.

1.  Is there a way to add the EAP configuration options from Server 2012 to a Server 2008R2?

2.  Is there some other, less fancy way of getting a windows 8 machines to authenticate to the wireless prior to user login?  I read that adding the following registry entry involving netsh to
HKLM\Software\Microsoft\Windows\CurrentVersion\Run  would work

%comspec% /c netsh wlan connect name=profile_name

The netsh command does connect to the network when run from the command line, but does nothing when placed like this in the registry. (not for windows 8.1)

http://community.spiceworks.com/how_to/show/2047-enable-wireless-connection-pre-logon-on-domain

Anyone dealt with this?
0
Comment
Question by:dakota5
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 47

Expert Comment

by:Craig Beck
ID: 40030353
If you want to use EAP-TTLS you just can't with Server 2008.  However, if you want to use computer authentication you can do this natively in Server 2008 by using computer certificates and standard EAP-TLS.

I'm guessing though that you're wanting to use TTLS so you don't have to deploy certificates to your workstations?
0
 

Author Comment

by:dakota5
ID: 40030602
We are a department within a large institution with an existing EAP-TTLS system.  We configure our clients to deal with whatever IT hands us.

I'm going to try exporting the working profile from the windows 8.1 client as XML and import that into the Server 2008 R2 GPO
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 40030852
You would need a suitable ADM file. You could try adding the relevant XML config for the policy but it probably won't work.
0
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

 

Author Comment

by:dakota5
ID: 40031061
Right.  I tried that, and no it did not work.

Anyone know of  a wireless driver package that includes EAP-TTLS that will run on Windows 8?
The standard CISCO package worked for XP and Windows 7, but not for Windows 8
0
 

Accepted Solution

by:
dakota5 earned 0 total points
ID: 40033020
The answer was simple.  Advanced settings are a bit hidden in Windows 8.

Connect to network in normal way.  Go to network and sharing center.
In the active networks section, click the link that is the active connection.

Wireless properties | security | advanced settings
authentication mode is fine as user.
Save credentials.  Popup states that this allows your computer to connect to network when you are not logged in.  You will be connected prior to login after bootup and also after you logout.

Apparently this is not the same as saving your credentials when you create the network with the Windows 8 network charms.
0
 

Author Closing Comment

by:dakota5
ID: 40041636
It took forever, but I did find the answer on the internet.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
Detailed instructions on how to install an Access add-in in recent versions of Office and Windows (with screen shots)
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question