locked
VLAN assignment with 802.1x and and Login scripts via Group Policy RRS feed

  • Question

  • In a NAP 802.1x VLAN assignment, it is expected that Login Scripts (via Group Policy) work?

    As far as I can see during logon process in a 802.1x environment in which VLAN is assigne only after logon, the network is not reachable in that stage and login script does not work

    Is that expected?

    Thursday, May 5, 2011 8:22 AM

Answers

  • Hi Momaweb,

     

    Thanks for posting here.

     

    You may consider specifying the “machineOrUser” or “machine” credentials for authentication in this case, so that client computer will be reassigned to the proper VLAN before user login:

     

    How to enable computer-only authentication for an 802.1X-based network in Windows Vista, in Windows Server 2008, and in Windows XP Service Pack 3

    http://support.microsoft.com/kb/929847

     

    Meanwhile, please also take look the old thread which discussed similar scenario like yours:

     

    http://social.technet.microsoft.com/Forums/en-CA/winserverNAP/thread/a530d2e7-4860-4339-990b-696cbdbc43c7

     

    Thanks.

     

    Tiger Li

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Friday, May 6, 2011 2:34 AM
  • Hi Momaweb,

    Please feel free to let us know if the information was helpful to you.

    Thanks,

    Tiger Li

    TechNet Subscriber Support in forum
    If you have any feedback on our support, please contact tngfb@microsoft.com


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by Massimo_M Wednesday, July 27, 2011 7:02 AM
    Monday, May 9, 2011 2:02 AM

All replies

  • Hi Momaweb,

     

    Thanks for posting here.

     

    You may consider specifying the “machineOrUser” or “machine” credentials for authentication in this case, so that client computer will be reassigned to the proper VLAN before user login:

     

    How to enable computer-only authentication for an 802.1X-based network in Windows Vista, in Windows Server 2008, and in Windows XP Service Pack 3

    http://support.microsoft.com/kb/929847

     

    Meanwhile, please also take look the old thread which discussed similar scenario like yours:

     

    http://social.technet.microsoft.com/Forums/en-CA/winserverNAP/thread/a530d2e7-4860-4339-990b-696cbdbc43c7

     

    Thanks.

     

    Tiger Li

     

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact tngfb@microsoft.com


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    Friday, May 6, 2011 2:34 AM
  • Hi Momaweb,

    Please feel free to let us know if the information was helpful to you.

    Thanks,

    Tiger Li

    TechNet Subscriber Support in forum
    If you have any feedback on our support, please contact tngfb@microsoft.com


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
    • Marked as answer by Massimo_M Wednesday, July 27, 2011 7:02 AM
    Monday, May 9, 2011 2:02 AM