All, Im trying to do the following, without success at this point. I have a laptop, 3560 switch, and ACS v3.3. I have the port my laptop is plugged into to do dot1x. If you login fine, you get on the trusted network. If not, you get dumped into the guest vlan. When I boot up, I automatically get dumped over to the guest vlan. At that point, I can see in my system tray where it is trying to authenticate, and it pops up with a bubble asking me to type in a username and password. I click on that, and login screen comes up. I type in my username and password, and in about 10 seconds, I get dumped over into the trusted domain. My question is, how can I configure all of this to where my users do not have to login twice (once on the laptop itself and once for network "trusted" availability)? On the ACS server, I have the usernames/passwords setup. Switch appears to be operating correctly. See switch port config here:

interface GigabitEthernet0/6

switchport access vlan 13

switchport mode access

dot1x pae authenticator

dot1x port-control auto

dot1x timeout quiet-period 15

dot1x timeout tx-period 3

dot1x reauthentication

dot1x guest-vlan 12

spanning-tree portfast

ACS is setup to allow authentication with switch. Laptop will authenticate user credentials, just not automatically where the user does not have to "DO" something.

Any ideas on how to do this?