I'm trying to work out a way to allow new users to a mobile device to log in to the domain.
Here is the info:
Windows XP Embedded device
Wireless LAN connected only
Domain authentication for the users
802.11i (WPA2 w/PEAP-MSCHAPv2) using windows logon for wireless authentication.
Currently using Atheros Client Utility for wireless configuration because there is not yet a WPA2 component for XP Embedded.
Radius server for the wireless authentication ( I think Steel-Belted Radius )
A pre-authenticated user can log in and connect with no problem.
A new user cannot log in - gets domain unavailable.
Is there a way to order the log-in so that the wireless authentication is preformed first, then the Active Directory authentication happens so that the user can access the device?
Or, is there a way to make the network connection authenticated prior to the windows logon? Like you used to be able to logon with Dial up networking..
Thanks in advance for your help!
I believe that the Odyssey client from Funk software integrates with Windows login to correctly handle this situation. I've seen this client deployed in one case, and it definitely logged into the wireless network before the machine logged into the domain.