User-based 802.1x authentication if Computer authenication enforced by GPO?

Stuart Oram
Stuart Oram used Ask the Experts™
on
I'm looking to deploy 802.1x port security on my home network (like many I use for messing around to work on my skills).
When it comes to connecting my company laptop to my home network, the LAN interface is configured by GPO to use computer-only authentication - which is correct for our corporate network.
However given the machine won't be a member of my home domain, it would need to use user authentication if on my network. Given computer only is enforced by the GPO, I'm thinking this won't be possible.
So the question is does anyone know of any workarounds or am I best to use this on a port either with no security or MAC-based security rather than 802.1x
Obviously wireless network authentication won't be a problem, just the wired LAN.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
kevinhsiehNetwork Engineer

Commented:
Interesting problem. I don't know how you allow the laptop to allow user authentication to a foreign network like you home lab. You would need to override the GPO that the domain laptop receives. You could do this by applying a local GPO if you have admin rights.
Stuart OramIT Technical Lead (Project Sites)

Author

Commented:
I do have local admin rights, but would have thought a domain GPO would take precedence over any local policy?
Stuart OramIT Technical Lead (Project Sites)

Author

Commented:
Just checked and confirmed a domain GPO would over-ride anything configured locally.
IT Technical Lead (Project Sites)
Commented:
I think I shall close this down as 'not possible' and just have to use MAC-based authentication for this device.
Stuart OramIT Technical Lead (Project Sites)

Author

Commented:
Not possible.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial