Tuesday, December 9, 2008

802.1X NAP and Certificate Issue

At this posting , I want to talk about 802.1x NAP and Certificate related problems. According to my experience , you have to use a certificate from Enterprise CA at Network Policy Server’s certificate. StandAlone CA’s certificate is not working properly at NPS. Another issue about certificate is Client Machine certificate. According to my experience also, you have to use computer certificate and machine authentication at 802.1x NAP. If you don’t use computer certificate and also computer authentication on 802.1x NAP clients, there would be authentication failure at Pre-Logon stage. This problem causes cached logons on client computers, clients wouldn’t get either group policy or password expiration notifications.

No comments: