Very often 802.1x deployments run into Windows 7 machines that will exhibit erratic authentication problems such as:
- Not able to authenticate when coming back from sleep or hibernation
- Using the wrong protocol on boot up
- Not able to authenticate after a single authentication failure
Such problems often boil down to one or more of the following problems :
| Problem Summary | KB |
| Win 7 connected behind IP Phones will not authenticate after waking up from sleep or hibernation | KB 976373 |
| Win 7 stops responding to 802.1x after first authentication fails | KB 980295 |
Win 7 selects a protocol different from what the GPO states. (GPO is configured for EAP-TLS but PEAP is used because local config had PEAP selected) | KB 2481614 |
| Win 7 does not prompt for 802.1x credentials to some users on a shared PC | KB 2491809 |
| Win 7 does not prompt for 802.1x credentials | KB 2835595 |
| Win 7 cannot authenticate if a valid and an invalid certificate is present | KB 2494172 |
| Win 7 selects wrong certificate for a machine migrated across two forests | KB 2769121 |
| Win 7 Authentication fails intermittently | KB 2736878 |
So if you have a 802.1x implementation or are considering it in a Windows 7 environment, these hotfixes should be pushed out to the endpoints to avoid problems with authentication. Some of these are not part of a Service pack so, they need to be downloaded and pushed out specifically.
On a side note, some laptops manufactured in 2013/2014, especially from HP, require a device driver upgrade to authenticate correctly.
