none
802.1x new domain users are unable to authenticate to the domain server RRS feed

  • Question

  • I'm deploying 802.1x on my wired networking and i'm facing a problem on the computers that do not have the cached profile created.

    The service works fine when i have cached profiles, but when it comes to create a new profile into a windows machine, it doesnt work because i cant reach my domain server.

    So, i went up into the internet and saw that certificate authentication is what i need. I'm trying to set up that but i'm facing a lot of doubts, like:

    1) How do i setup the NPS policy to do that?

    2) How do i create a computer certificate to my domain computers, so they can authenticate?

    3) Do i need to do something on the switch besides set the authentication mode?

    What i need to do is, that everyone who plugs a computer into my wired network, falls into a guest network, besides our managed computers, that will access our company VLANs. Thanks in advance for your help.


    • Edited by ManthysBR Thursday, May 16, 2019 8:58 PM
    Thursday, May 16, 2019 8:56 PM

All replies

  • Hi,

    On one hand, a new computer needs a network connected to DC to get the wired profile.

    On the other hand, wired profile is required to connect to the network. 

    As a result, you need another network connected to the DC, so that the new computer can get the wired profile before connecting the wired network.

    Best regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, May 17, 2019 7:52 AM
    Moderator
  • Hi,

    Just checking in to see if the information provided was helpful.

    Please let us know if you would like further assistance.

    Best Regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Tuesday, May 21, 2019 6:25 AM
    Moderator
  • Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation to provide further help.

    Best Regards,

    Travis


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Thursday, May 23, 2019 8:51 AM
    Moderator