Wired 802.1X Machine Authentication does not occur at bootup but at login

  • Question

  • I have realised an 802.1X setup using Windows 2008 SP 2 NPS/RADIUS server and Windows XP SP 3 clients. Both server and clients are members of the Active Directory domain.

    The XP clients are configured to use machine-authentication based on their certificates and to use machine-authentication only. When you plug in a freshly booted machine (not logged in) the machine will successfully authenticate to the RADIUS-server using its computer account (verified this using Wireshark). Network connection is established and AD members can log in to the computer.

    However, when the machine is already plugged in to the switch before booting, the machine does not authenticate automatically. It isn't until I log on, using a local computer account, that 802.1X authentication occurs. Using Wireshark, I have verified again that this authentication is MACHINE authentication, not user-authentication.

    Is there a way to solve this problem, other than having my users unplug their computer and only plug in to the network after booting?

    Thursday, May 27, 2010 8:52 AM