|
Home > Archive > Radius Server > October 2006 > Computer-Level 802.1x Authentication Issue
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Computer-Level 802.1x Authentication Issue
|
|
| Youngdong Lee 2006-06-19, 1:22 am |
| - 802.1x
- Windows Server 2003 AD and IAS
- RADIUS Client: Enterasys Devices (N or E Seriese)
- AuthMode = 1
- SupplicantMode = 3
I'm dong wired and wireless 802.1x with EAP-MS-CHAP-v2.
I need to use User-Level and Computer-Level Authentication.
User-Level Authentication is always successful.
But, Computer-Level Authentication seems not to work.
I can find User-level Authentication logs in the System Event Log.
But there're no events related to Computer-Level Authentication.
What's the problem..?
Of course, I checked the setting "Authenticate as computer when computer
information is available" in Windows XP Clients.
Regards,
P.S.
I'm not native speaker, but I can understand your comments.
| |
| Youngdong Lee 2006-06-19, 2:23 am |
| I've found some misconfigurations in my settings.
If there're no "Read and Apply Group Policy" settings for Computer Groups,
Computer-Level Authentication does not work..?
I'm not sure, but..
I think that's why I can't find event logs related to Computer-Level
Authentications.
I'm waiting for your answer, thank you.
Regards,
---------------------------------------
"Youngdong Lee" wrote:
> - 802.1x
> - Windows Server 2003 AD and IAS
> - RADIUS Client: Enterasys Devices (N or E Seriese)
> - AuthMode = 1
> - SupplicantMode = 3
>
> I'm dong wired and wireless 802.1x with EAP-MS-CHAP-v2.
> I need to use User-Level and Computer-Level Authentication.
> User-Level Authentication is always successful.
> But, Computer-Level Authentication seems not to work.
>
> I can find User-level Authentication logs in the System Event Log.
> But there're no events related to Computer-Level Authentication.
> What's the problem..?
>
> Of course, I checked the setting "Authenticate as computer when computer
> information is available" in Windows XP Clients.
>
> Regards,
>
> P.S.
> I'm not native speaker, but I can understand your comments.
>
| |
| Youngdong Lee 2006-06-19, 7:23 am |
| I've found some misconfigurations in my settings.
If there're no "Read and Apply Group Policy" settings for Computer Groups,
Computer-Level Authentication does not work..?
I'm not sure, but..
I think that's why I can't find event logs related to Computer-Level
Authentications.
I'm waiting for your answer, thank you.
Regards,
---------------------------------------
"Youngdong Lee" wrote:
> - 802.1x
> - Windows Server 2003 AD and IAS
> - RADIUS Client: Enterasys Devices (N or E Seriese)
> - AuthMode = 1
> - SupplicantMode = 3
>
> I'm dong wired and wireless 802.1x with EAP-MS-CHAP-v2.
> I need to use User-Level and Computer-Level Authentication.
> User-Level Authentication is always successful.
> But, Computer-Level Authentication seems not to work.
>
> I can find User-level Authentication logs in the System Event Log.
> But there're no events related to Computer-Level Authentication.
> What's the problem..?
>
> Of course, I checked the setting "Authenticate as computer when computer
> information is available" in Windows XP Clients.
>
> Regards,
>
> P.S.
> I'm not native speaker, but I can understand your comments.
>
| |
| Youngdong Lee 2006-07-03, 7:27 am |
| I solved the problem.
It was related to vendor-specific features.
Thanks.
"Youngdong Lee" wrote:
[vbcol=seagreen]
> I've found some misconfigurations in my settings.
>
> If there're no "Read and Apply Group Policy" settings for Computer Groups,
> Computer-Level Authentication does not work..?
>
> I'm not sure, but..
> I think that's why I can't find event logs related to Computer-Level
> Authentications.
>
> I'm waiting for your answer, thank you.
>
> Regards,
>
> ---------------------------------------
> "Youngdong Lee" wrote:
>
| |
|
| Mr Lee,
I am doing exact the same as you do. Could you please point me to the
solution to solve your problem?
Thanks,
--
Andy
"Youngdong Lee" wrote:
[vbcol=seagreen]
> I solved the problem.
> It was related to vendor-specific features.
>
> Thanks.
>
> "Youngdong Lee" wrote:
>
| |
| Proberts 2006-09-27, 1:35 am |
| Did you find a solution? I missed this post in my search but I'm having the
same issue from 3Com cards to cisco ACS 4.0 using the XP wireless
configuration.
I see no indications in the log files on the ACS to indicate that XP is
attempting to authenticate as the machine.
I'm wondering if some setting or policy in our standard XP build would
prevent the machine from authenticating despite the check box in
'authenticate as machine'.
"Andy" wrote:
[vbcol=seagreen]
> Mr Lee,
>
> I am doing exact the same as you do. Could you please point me to the
> solution to solve your problem?
>
> Thanks,
> --
> Andy
>
>
> "Youngdong Lee" wrote:
>
| |
| Giovanni Trapasso 2006-10-31, 7:25 pm |
| Has anyone resolved this problem? I have everything working with User based
802.1x but when changing to computer-only things don't work.
Any advice would be appreciated.
thanks
"Proberts" <Proberts@discussions.microsoft.com> wrote in message
news:47D2471F-A6DB-42B2-AC7D-6C930ABEB558@microsoft.com...[vbcol=seagreen]
> Did you find a solution? I missed this post in my search but I'm having
> the
> same issue from 3Com cards to cisco ACS 4.0 using the XP wireless
> configuration.
>
> I see no indications in the log files on the ACS to indicate that XP is
> attempting to authenticate as the machine.
>
> I'm wondering if some setting or policy in our standard XP build would
> prevent the machine from authenticating despite the check box in
> 'authenticate as machine'.
>
> "Andy" wrote:
>
|
|
|
|
|