Avatar of Stuart Oram
Stuart Oram
Flag for United Kingdom of Great Britain and Northern Ireland asked on

User-based 802.1x authentication if Computer authenication enforced by GPO?

I'm looking to deploy 802.1x port security on my home network (like many I use for messing around to work on my skills).
When it comes to connecting my company laptop to my home network, the LAN interface is configured by GPO to use computer-only authentication - which is correct for our corporate network.
However given the machine won't be a member of my home domain, it would need to use user authentication if on my network. Given computer only is enforced by the GPO, I'm thinking this won't be possible.
So the question is does anyone know of any workarounds or am I best to use this on a port either with no security or MAC-based security rather than 802.1x
Obviously wireless network authentication won't be a problem, just the wired LAN.
Windows 7Network Security

Avatar of undefined
Last Comment
Stuart Oram

8/22/2022 - Mon
kevinhsieh

Interesting problem. I don't know how you allow the laptop to allow user authentication to a foreign network like you home lab. You would need to override the GPO that the domain laptop receives. You could do this by applying a local GPO if you have admin rights.
Stuart Oram

ASKER
I do have local admin rights, but would have thought a domain GPO would take precedence over any local policy?
Stuart Oram

ASKER
Just checked and confirmed a domain GPO would over-ride anything configured locally.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
ASKER CERTIFIED SOLUTION
Stuart Oram

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Stuart Oram

ASKER
Not possible.