802.1x User Authentication with Mandatory Profiles

Just been working on 60 new Asus Eee netbooks that we have bought for student use in the college. Mainly, testing thoroughly that the wireless was going to work flawlessly.

We got everything working for ourselves using Network Policy Server, HP Procurve 420 AP’s and PEAP. Only problem – when a student logs in, the authentication fails.

Did some checks to make sure that there wasn’t any user group filters or GP settings that were blocking the authentication. In a last ditch attempt we dropped the mandatory profile, and the authentication worked.

Having never had this problem before (all staff have roaming profiles), started looking up the problem.

Found that some changes in Windows XP SP3 stop user authentication using 802.1x. You can still use machine authentication, but this didn’t meet our requirements.

Turns out Microsoft released a hotfix for this. Works great – now integrated into our RIS installations. Link below:

http://support.microsoft.com/kb/969111

5 people found this post useful.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.