Solved

Windows 8.1 Wireless Authentication Single Sign On for EAP-TTLS

Posted on 2014-04-29
6
5,212 Views
Last Modified: 2014-05-05
We need our Windows 8.1 client computers to logon to the wireless system prior to user authentication.  They now logon to the wireless with no issue after the user logs in.

This could be accomplished by creating a Wireless Network Policies GPO and pushing it to the wireless clients.

We use WPA2 enterprise, and EAP-TTLS but our servers are server 2008R2.
EAP-TTLS was added as a choice to Wireless Network Policies in GPOs in Server 2012, so it is not a choice when we create a GPO on our server.

1.  Is there a way to add the EAP configuration options from Server 2012 to a Server 2008R2?

2.  Is there some other, less fancy way of getting a windows 8 machines to authenticate to the wireless prior to user login?  I read that adding the following registry entry involving netsh to
HKLM\Software\Microsoft\Windows\CurrentVersion\Run  would work

%comspec% /c netsh wlan connect name=profile_name

The netsh command does connect to the network when run from the command line, but does nothing when placed like this in the registry. (not for windows 8.1)

http://community.spiceworks.com/how_to/show/2047-enable-wireless-connection-pre-logon-on-domain

Anyone dealt with this?
0
Comment
Question by:dakota5
  • 4
  • 2
6 Comments
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40030353
If you want to use EAP-TTLS you just can't with Server 2008.  However, if you want to use computer authentication you can do this natively in Server 2008 by using computer certificates and standard EAP-TLS.

I'm guessing though that you're wanting to use TTLS so you don't have to deploy certificates to your workstations?
0
 

Author Comment

by:dakota5
ID: 40030602
We are a department within a large institution with an existing EAP-TTLS system.  We configure our clients to deal with whatever IT hands us.

I'm going to try exporting the working profile from the windows 8.1 client as XML and import that into the Server 2008 R2 GPO
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 40030852
You would need a suitable ADM file. You could try adding the relevant XML config for the policy but it probably won't work.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:dakota5
ID: 40031061
Right.  I tried that, and no it did not work.

Anyone know of  a wireless driver package that includes EAP-TTLS that will run on Windows 8?
The standard CISCO package worked for XP and Windows 7, but not for Windows 8
0
 

Accepted Solution

by:
dakota5 earned 0 total points
ID: 40033020
The answer was simple.  Advanced settings are a bit hidden in Windows 8.

Connect to network in normal way.  Go to network and sharing center.
In the active networks section, click the link that is the active connection.

Wireless properties | security | advanced settings
authentication mode is fine as user.
Save credentials.  Popup states that this allows your computer to connect to network when you are not logged in.  You will be connected prior to login after bootup and also after you logout.

Apparently this is not the same as saving your credentials when you create the network with the Windows 8 network charms.
0
 

Author Closing Comment

by:dakota5
ID: 40041636
It took forever, but I did find the answer on the internet.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

What to do when Windows Update is not working correctly? What tools can I use to detect the cause of the malfunction problem? What does this numeric error code mean? These and other questions that you have been asking in the past are answered here (…
Detailed instructions on how to install an Access add-in in recent versions of Office and Windows (with screen shots)
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now