We have a several Cisco 4400 wireless controllers and a Cisco WLC, ACS server. Access points are Cisco LWAP 1242. Security is PEAP TKIP ms-chap. Machine authentication.
Settings are pushed out through group policy. A new user can log on to a laptop (without cached credentials) and get all their network settings....most of the time. Randomly we have laptops that after being restarted, receive "yourdomain.com is not available" error message. The laptops will work fine for weeks and then random laptops start to get this error. If we wire them into the network, they logon fine. Shutdown, unplug, and the wireless works fine again.
Remember to check simple attributes in your Windows client in your wireless network connection. Under the Wireless Networks tab, look for the Use Windows to Configure My Wireless Networksetting. Be sure that this option is checked if you use the Windows Zero configuration. If you use a different client, be sure to refer to the documentation that came with that client in order to set up web authentication. Ensure the virtual interface is configured properly on the Controller > Interfaces page. Also, verify that you have specified this WLAN/SSID on the WLC, that you have enabled the WLAN/SSID, and that it is correctly set up for web authentication.