07-25-2006 06:07 AM - edited 03-10-2019 02:40 PM
Wired authentication:
This is what I want to accomplish:
Switch - ACS 4.0 -> Active Directory
Assume a new user is logging into the network for the first time and he starts his computer which has been configured for 802.1x PEAP. I have checked off the option 'Automatically use my Windows logon name and password' in LAN properties
Now, after the computer starts, the user is presented with the regular Windows dialog logon box to which he hits Ctrl+Alt+Del and enters his Windows AD credentials. I want those credentials to be sent to the switch as part of the 802.1x logon. After the port is authorized, those same credentials should be passed onto Active Directory to become authenticated to the Windows network.
Possible? I'm assuming this is the way it should & can work
07-31-2006 07:00 AM
This depends on the order of services being loaded by the Operating systems at the startup.If the option "Automatically use my Windows logon name and password" in LAN that should be fine for 802.1X authentication.So this should work for both LAN and AD in windows.
08-16-2006 12:34 PM
Hi, you need machine authentication as well. Otherwise Windows will not be able to verify the user's identity and cannot log the user in. Windows authentication of the user takes place before the switchport authenticates for the user. Machine authentication allows the computer to authenticate and get access to the network before the user logs in. Thus the user authentication CAN take place because the DC's are only available after machine authentication succeeded.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide