P
Paul
I have a tablet PC running XP tablet edition that I am
using to set up a small wireless lan. Additionally, I
have a Windows 2003 server acting as both a radius server
and certificate authority. The tablet is a member of the
same domain that the 2003 server is.
When I log on to the tablet as domain user BobSmith, I can
launch IE, browse to the cert auth, request and install a
User cert with no problem. At that point, I can configure
the wireless connection for 802.1x "Smart card or other
certificate" and my connection is established to the
wireless network, "Authentication Succeeded".
What I would like to do, however, is not log in to the
desktop as a domain user, rather just a user local to the
tablet. In doing so, I can browse the cert auth (and
authenticate to it via the browser as domain user
JohnDoe), request and install a user cert, but the
wireless connection fails. Logged in as a local user, I
can see the certificate in mmc (under the name of
JohnDoe), but the "Validating Identity" phase fails with
the error message "Windows was unable to find a
certificate to log you on to the network [SSID]" (where
SSID is my AP's network name).
The radius server (IAS) is configured to authenticate both
JohnDoe and BobSmith, but while logged in to the tablet as
a local user, neither the AP nor the IAS server get an
authentication request. Is it possible to log in as a
local user and still use a domain user's certificate for
EAP-TLS 802.1x authentication?
Thanks.
using to set up a small wireless lan. Additionally, I
have a Windows 2003 server acting as both a radius server
and certificate authority. The tablet is a member of the
same domain that the 2003 server is.
When I log on to the tablet as domain user BobSmith, I can
launch IE, browse to the cert auth, request and install a
User cert with no problem. At that point, I can configure
the wireless connection for 802.1x "Smart card or other
certificate" and my connection is established to the
wireless network, "Authentication Succeeded".
What I would like to do, however, is not log in to the
desktop as a domain user, rather just a user local to the
tablet. In doing so, I can browse the cert auth (and
authenticate to it via the browser as domain user
JohnDoe), request and install a user cert, but the
wireless connection fails. Logged in as a local user, I
can see the certificate in mmc (under the name of
JohnDoe), but the "Validating Identity" phase fails with
the error message "Windows was unable to find a
certificate to log you on to the network [SSID]" (where
SSID is my AP's network name).
The radius server (IAS) is configured to authenticate both
JohnDoe and BobSmith, but while logged in to the tablet as
a local user, neither the AP nor the IAS server get an
authentication request. Is it possible to log in as a
local user and still use a domain user's certificate for
EAP-TLS 802.1x authentication?
Thanks.