Yesterday we fixed the problem with Wireless laptops only needing to authenticate with machine only by altering the Wireless EAP group policy
âComputer authentication: With user re-authenticationâ
it was "computer only" previously.
Now when you start the laptop in the proximity of the Wireless access points the laptop uses machine and user authentication and successfully authenticates with PEAP.
This has highlighted a problem when users take their laptops from their desk already logged on down to the wireless Network as the infrastructure is now configured to use machine and username authentication with machine access restrictions enabled. now when the laptop is already logged on it will
try to authenticate with the username only.
The following report is logged on the ACS 4.1
Wireless access is denied with the following Windows External DB user access was denied due to a Machine Access Restriction
Is there anyway of ensuring that the Microsoft supplicant issues a machine authentication prior to user authentication?