Dot1x using Windows as Client

Unanswered Question
Sep 25th, 2007

We are starting to implement dot1x in our network and there are a few changes we have to make on the PC's. I am wondering if there is a way to make the client changes without touching every PC in the network such as SMS etc. Is there a reg hack? We use Script Logic/Desktop Authority in our network. Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
magurwara Sun, 09/30/2007 - 20:15

For wireless, you can deploy using Group Policy. For wired network, I am afraid there is nothing at this point that you could use. Microsoft, i believe, has added or plans to add this facility in Windows Vista.

mark.blanchfield Mon, 10/01/2007 - 04:23

Ok. Thanks. I thought that was the case. We might purchase the Cisco Client which can be pushed out via SMS.

hal.chaikin Wed, 10/10/2007 - 06:18

We dealt with this same issue last year. One of our sysadmin's wrote a .vbs script for WINXP clients. It sets the EAPOL registry keys for the Windows Wireless Zero Configuration Service and configures the Broadcom NIC for 802.1x authentication. We pushed it out to all our (thousands) of clients prior to locking down switchports via SMS. I'm uploading the script for anyone's interest, examination, or use. Caveats: As this is a home-grown product we are providing it without guarantee, support, or maintenance in the interest of sharing general information.



mark.blanchfield Wed, 10/10/2007 - 08:51

Hal,


Thanks! I thought there may be a way to push out the configuration changes on the client without having to go to each PC. I will run this by our server admin folks and see if we can do this via SMS. Thanks again for your help!

Actions

This Discussion