Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5561
  • Last Modified:

Windows 8.1 Wireless Authentication Single Sign On for EAP-TTLS

We need our Windows 8.1 client computers to logon to the wireless system prior to user authentication.  They now logon to the wireless with no issue after the user logs in.

This could be accomplished by creating a Wireless Network Policies GPO and pushing it to the wireless clients.

We use WPA2 enterprise, and EAP-TTLS but our servers are server 2008R2.
EAP-TTLS was added as a choice to Wireless Network Policies in GPOs in Server 2012, so it is not a choice when we create a GPO on our server.

1.  Is there a way to add the EAP configuration options from Server 2012 to a Server 2008R2?

2.  Is there some other, less fancy way of getting a windows 8 machines to authenticate to the wireless prior to user login?  I read that adding the following registry entry involving netsh to
HKLM\Software\Microsoft\Windows\CurrentVersion\Run  would work

%comspec% /c netsh wlan connect name=profile_name

The netsh command does connect to the network when run from the command line, but does nothing when placed like this in the registry. (not for windows 8.1)

http://community.spiceworks.com/how_to/show/2047-enable-wireless-connection-pre-logon-on-domain

Anyone dealt with this?
0
dakota5
Asked:
dakota5
  • 4
  • 2
1 Solution
 
Craig BeckCommented:
If you want to use EAP-TTLS you just can't with Server 2008.  However, if you want to use computer authentication you can do this natively in Server 2008 by using computer certificates and standard EAP-TLS.

I'm guessing though that you're wanting to use TTLS so you don't have to deploy certificates to your workstations?
0
 
dakota5Author Commented:
We are a department within a large institution with an existing EAP-TTLS system.  We configure our clients to deal with whatever IT hands us.

I'm going to try exporting the working profile from the windows 8.1 client as XML and import that into the Server 2008 R2 GPO
0
 
Craig BeckCommented:
You would need a suitable ADM file. You could try adding the relevant XML config for the policy but it probably won't work.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
dakota5Author Commented:
Right.  I tried that, and no it did not work.

Anyone know of  a wireless driver package that includes EAP-TTLS that will run on Windows 8?
The standard CISCO package worked for XP and Windows 7, but not for Windows 8
0
 
dakota5Author Commented:
The answer was simple.  Advanced settings are a bit hidden in Windows 8.

Connect to network in normal way.  Go to network and sharing center.
In the active networks section, click the link that is the active connection.

Wireless properties | security | advanced settings
authentication mode is fine as user.
Save credentials.  Popup states that this allows your computer to connect to network when you are not logged in.  You will be connected prior to login after bootup and also after you logout.

Apparently this is not the same as saving your credentials when you create the network with the Windows 8 network charms.
0
 
dakota5Author Commented:
It took forever, but I did find the answer on the internet.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now