Forum

802.1x auth and win nt logon scripts

1 posts by 1 authors in: Forums > CWSP - Enterprise Wi-Fi Security
Last Post: March 7, 2009:

By wirelessmike March 7, 2009

Reply

The situation you describe is very common - especially in environments where users share wireless laptops. Using WZC with the 'use my windows credentials to log into the wireless network' creates the chicken-and-egg problem.

Some supplicants support 'pre-login authentication', that will basically run a script before windows trys to authenticate to the domain that will use your entered credentials to log into the wireless network before domain authentication (broadcom and intel proset are two that I know of).

There is a new feature in windows XP SP3 that can be used with Server 2008 (Server 2003 can be extended to support it) to do pre-login authentication natively.

But your right, in environments where users may share a machine - it is more logical to implement EAP-TLS with machine authentication (computer certificates).

M

Page 1 of 1

1

Success Stories

I literally just came out of the testing centre having taken the CWDP exam. The certification process opened my mind to different techniques and solutions. This knowledge can only broaden your perspective. Great job, CWNP, you have a great thing going on here.
-Darren

Working through the CWNP coursework and certifications helped not only to deepen my technical knowledge and understanding, but also it boosted my confidence. The hard work it took to earn my CWNE has been rewarding in so many ways.
-Ben

I want to commend you and all at CWNP for having a great organization. You really 'raise the bar' on knowing Wi-Fi well. I have learned a ton of information that is helping my job experience and personal career goals, because of my CWAP/CWDP/CWSP studies. Kudos to all at CWNP.
-Glenn