Re: 802.1x Authentication for non-domain machines

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 04/13/05


Date: Tue, 12 Apr 2005 21:25:12 -0500

The computer itself can not authenticate to the domain if it does not have a
computer account in Active Directory via EAP-TLS. If you use PEAP there is
no computer authentication - only user configuration at the client end but
all computers would need to trust the certificate on the IAS server. A non
domain computer can request a certificate from a domain CA via Web
Enrollment and is often done for ipsec offline certificate requests. There
is also a Microsoft wireless newsgroup where you may want to post. ---
Steve

"Carlos A. Morillo" <carlos.morillo@myrealbox.com> wrote in message
news:O69TDnsPFHA.248@TK2MSFTNGP15.phx.gbl...
> Is it possible to assign non-domain machines a certificate to authenticate
> to a wireless network?
>



Relevant Pages

  • Re: Flaws IIS6 with AD (2003) Cert Mapping
    ... authentication over https, then when they request a user cert, the CA fills ... the certificate in place of the username/password authentication. ... authenticate users, it's the Subject Alternative information with the UPN ...
    (microsoft.public.inetserver.iis.security)
  • Re: Possible Security Flaw in Windows 2000
    ... IIS certificate mapping uses explicit name mapping to authenticate users. ... The certificate is issued to johndoe2. ...
    (microsoft.public.win2000.security)
  • Re: VPN Access
    ... Make sure that you are logging onto your computer with credentials that will ... authenticate you to your domain resources. ... User Certificate is Valid ... successfully and I can access share drive on one server. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Secure web site access and PKI Certs
    ... But I should have thought that if the PKCS12 certificate is password ... It sounds like a poor way to authenticate. ... Secure web site access and PKI Certs ...
    (Security-Basics)
  • RE: Secure web site access and PKI Certs
    ... In this case you would want the certificate created under the Domain ... Secure web site access and PKI Certs ... It sounds like a poor way to authenticate. ...
    (Security-Basics)