I understand as part of EAP there's an extra GINA in Windows to allow authentication to SecureACS via the Access Point. Radius is used so user name & password must be sent to the SecureACS, then NTLM to Windows DC?
Then how does reauthentication take place after roaming to another access point? Are some credentials cached on the workstation? Or does the SecureACS handle some caching of credentials? Or does user name & password have to be input again?
Can't find good docs on this.