It was suggested I cross-post my question here (it is also is in the Directory Services and Network forums).
We are trying to log into laptops wirelessly. The users can only log into laptops that they have cached credentials on, but we need them to be able to login for the first time while only connected via wireless. Any suggestions are appreciated.
We are using:
Windows 7
Microsoft Radius Server
Cisco WAPs
WPA2-Ent MS-PEAP
We are pushing out the wireless settings for our WPA-Ent SSID via group policy with the following settings for 802.1x settings:
Cache user information for subsequent connections to this network | Enabled |
Computer Authentication | User authentication |
Maximum Authentication Failures | 3 |
Maximum EAPOL-Start Messages Sent | |
Held Period (seconds) | |
Start Period (seconds) | |
Authentication Period (seconds) | |
Single Sign On type | preLogon |
Maximum acceptable delay for network connectivity | 30 |
This network uses different VLAN for authentication with machine and user credentials | Disabled |
Allow additional dialogs during single sign on | Enabled |