DC unavailable during wireless logon... is this a Cisco Issue?

Unanswered Question
Feb 26th, 2008
User Badges:

I understand that, using only the Windows Wireless Config, the client will only process association and authentication after the user logs on either locally or with a domain account/profile which pre-exists on the machine.


unfortunately, this doesn't happen to users who do not have profiles on the machine. if a new account tries to login, obviously, the user isn't associated and authenticated yet, therefore no ip address is leased and domain is unreacheable at this point, or anything on the network. actually, when the Press Ctrl-Alt-Del screen is displayed, the machine is not associated, authenticated and has no IP address yet.


i have seen LEAP, and before Windows can display the Login dialog, one can actually see what LEAP is doing, like association, authencation and acquiring an IP address.


For compatibility reasons, the company decided to work with PEAP only to authentication via WLC 4.1.181 to ACS 4.0. Is there a way for the Windows Wireless Config to do the same thing as what LEAP is doing, in the manner that it will handle all necessary tasks to acquire an IP address before the Windows Login dialog appear..


Is this even a Cisco issue?


Thanks for all your ideas/help/information


Appreciate them all!


-pirate



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Scott Fella Tue, 02/26/2008 - 21:13
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

This is not a Cisco issue. What you need is to use a 3rd party utility (Intel Pro, Access Connection, etc) that allows you to obtain a wireless network connection prior to login. Using the Windows Zero Config will not allow you to do this, because your network services does not start until your desktop loads. What type of wireless card are you using?

pirateoftheairwaves Tue, 02/26/2008 - 23:34
User Badges:

Thanks fella5,


They're using different wi-fi cards.. (Intel, linksys, realtek, etc.) but no matter what card they'll use, the Windows Zero Config is the one being implemented.


I've explained that to the customer, but I guess they needed some sort of document for them to be convinced. Is there any available?


I guess, they'll have to consult microsoft regarding this one if they insist on using only Zero Config.




Scott Fella Wed, 02/27/2008 - 05:03
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

I know vista users have the option for single sign-on


http://www.microsoft.com/technet/technetmag/issues/2007/11/CableGuy/default.aspx


I found this article in which they did get windows zero to work.


http://techrepublic.com.com/5208-6230-0.html?forumID=101&threadID=227888&messageID=2437562

spinnabs1 Wed, 02/27/2008 - 11:35
User Badges:

Are these devices on an Active Directory Domain? If so, and your ACS is linked to the AD, machine authentication can be used. This will use the machine AD credentials to login.

Actions

This Discussion

 

 

Trending Topics - Security & Network