Im trying to use PEAP machine authentication from a winxpSP2 client to ACS 4.0 using WIRED 802.1x.
PEAP user authentication works just fine, the LAN connection comes up fine and i enter the user credentials and the connection comes up. However, when I restart the machine, I can't log in with an uncached user account because it saids it cant contact a domain controller. This makes me believe that computer authentication isnt working. Im not sure if you should see the computer authentication in ACS reports and activity and if so I'm not.
Here's a brief summary of my config.
-checked PEAP authentication and "authentication as computer when computer information is available"
-did not check any advanced settings in the PEAP properties (validate server certificate, etc...)
-installed ACS self certificate
-configured "enable PEAP machine authent" under Machine Authentication in the External User Database for windows databases.
Not that you should have to with PEAP (non-TLS) but, I installed the ACS self certificate on the client.
I found this microsoft article but i dont know if pertains to machine authentication. I was wondering if someone could confirm this was my problem.