![]() ![]() ![]() To always use the calling number as the user identity, set the following registry value to 1 on the authenticating server: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RemoteAccess\Policy\Override User-NameĪfter I set these and restart the NPS the non-802.1x client now authenticates successfully however all 802.1x clients fail authentication ! The user identity is set to the calling number only when there is no user name being supplied This registry setting tells the authenticating server to use the calling number (RADIUS attribute 31, Calling-Station-ID) as the identity of the calling user. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\RemoteAccess\Policy\User Identity Attribute I then set the following reg values on the NPS (as detailed by Microsoft to allow the NPS to read the Calling-station ID value as a username) : I have created a user in AD with the username and password as the MACĪddress of the non-802.1x device. We now want to allow certain non 802.1x supplicants (printers etc) to connect to the network via the same NPS. We have a 2008R2 NPS which is authenticating clients via 802.1x (PEAP-TLS - computer based authentication). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |