Hello all,
I am working on an 802.1x lab and proof of concept and have 2 problems. Solving either of them will have me good-to go. Just for reference I have:
1) enabled and tested workstation authentication
2)can succesfully authenticate users and workstations against AD
First: If I use the default Windows 2000 802.1x service and have the box "Always use my Windows username and password" box checked when using PEAP, I cannot for the life of me figure out how to authenticate when I have logged in as a local user account. Windows insists on putting the local computer name in front of the username when I log in to a local account, so I cannot simply enter the default company-wide local administrator into ACS's local database.
Second: If I use the Cisco CTA client, I always get prompted for my password by CTA after I login to Windows, when I thought it should use the credentials I logged in with. I do not care if I have to enter local credentials twice, but a normal user logging into an AD account should not have to. If as I suspect this is a certificate issue my corporation does have a very good PKI infrastructure I can work off of.
My preference is not to have to install any additional software for 802.1x so if I can figure out how to authenticate when logged in as the local administrator without having to change settings, that would be best, but if I need to I can us the CTA client.
Any help would be greatly appreciated,
Nathan Spitzer
Lockheed Martin TSS