Re: windows 2003: validation/authentication(802.1x)

From: Ashwin Palekar \(MS\) (ashwinp_at_online.microsoft.com)
Date: 03/30/04

Next message: Alar Pandis: "MAC Address Control"
Previous message: Tony: "Scripting RADIUS Client creation"
In reply to: davide: "windows 2003: validation/authentication(802.1x)"
Next in thread: grace: "Re: windows 2003: validation/authentication(802.1x)"
Reply: grace: "Re: windows 2003: validation/authentication(802.1x)"
Messages sorted by: [ date ] [ thread ]

Date: Mon, 29 Mar 2004 22:08:01 -0800

Good point. Single step might not be possible in this case.

-- 
> --
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
"davide" <davide@yahoo.com> wrote in message
news:%23h4UkmYFEHA.3880@TK2MSFTNGP10.phx.gbl...
> We are testing an Active Directory domain with authentication 802.1x using
> certificates (x.509) on smartcard.
> - the domain is served from Windows Server 2003 whith DHCP, DNS, root CA
> - for the 802.1x authentication we have:
> supplicant: windows xp sp1
> authenticator: switch Cisco 2950 (enhanced image)
> autentication server: service IAS on Windows 2003
> We configured autoenrollement of certificates to smart card.
> We configured the windows login on smart card.
>  We configured eap/tls on smart card
> Results
> At the moment of the domain validation  it comes demanded the PIN; once
> inserted, the user reach the domain. In this moment the PC is still in the
> "guest Vlan". After some second, a windows from the systray is opened; to
> this point the breaking in of the PIN comes demanded an other time, the
> certificate on the smart card comes verified and the authentication 802.1x
> goes to good aim. Now the PC is placed on the Vlan configured in the
policy
> attribute on the server Radius (IAS).
> Our objective is that the user having a single step for the validation in
> the domain that for the authentication 802.1x.
> It's possible?
> My english is not so good...
>
> Thanks
> Davide
>
>

Next message: Alar Pandis: "MAC Address Control"
Previous message: Tony: "Scripting RADIUS Client creation"
In reply to: davide: "windows 2003: validation/authentication(802.1x)"
Next in thread: grace: "Re: windows 2003: validation/authentication(802.1x)"
Reply: grace: "Re: windows 2003: validation/authentication(802.1x)"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

RE: Beginners Questions
... We do use Windows form on the presentation layer which is on ... terminal server and call web services on the business logic side. ... of using "proxy" authentication on SQL Server. ... > I have written an app with a Windows Forms UI that is deployed to clients ...
(microsoft.public.dotnet.distributed_apps)
Re: Need help configuring Wireless Connection profile
... and I can only use the intel OR windows utility, not both at the same time. ... Windows authentication for all users,4129,LRG\ryanv,4149,Wireless WPA2 ... SMALL BUSINESS SERVER: ... STEP #1 Install Certificate Services ...
(microsoft.public.windowsxp.general)
Re: EAP-TLS with windows CE
... The AP was sending out an Identity Request every second, ... request to the identification server. ... When the server asks the Windows CE device to identify itself, ... I could easily steal your authentication information. ...
(microsoft.public.windowsce.platbuilder)
Re: server authentication & ASP authentication
... on to the client workstation with an authorized Windows account. ... SQL Server with Windows authentication. ...
(microsoft.public.sqlserver.security)
Re: ADFS Development Issues
... site to be automatically authenticated by our windows application so ... based on redirects and possibly uses forms-based authentication to collect ... web service proxies don't handle this type of thing ... the server based on how it needs to work. ...
(microsoft.public.windows.server.active_directory)