Hi All,
I'm not too sure where to stick this piece of help that I need, so I selected this forum. I'm currently having issues where, for users who are attempting to remote desktop back to their laptops, the authentication is stuck at machine level authentication and does not flip over to user level authentication. Here is my setup.
- Aruba controller is talking to an NPS RADIUS server
- Laptops are supplied with computer certificates
- Users are supplied with user certificates
- Laptops are using Computer and User EAP-TLS authentication on wireless connections in Windows 7
- Computer certificates are ACL locked down so that they can only talk to Domain Controllers on our network, and remote desktop access back to the local computer itself from the outside.
- User certificates use the default authenticated user role
The machine and user certificates are working perfectly in a local console login environment, meaning that the machine is authenticated when waiting for a user to log in (at the alt+ctrl+del screen) and that once a user logs in, user level authentication takes place and then that user has full access to all of a network.
The problem comes in when a user attempts to remote desktop to a wireless computer: the computer itself is stuck in machine authentication and never uses user authentication to authenticate the logged-in user. This means that the user has no access to any network resources except connectivity to the Domain Controllers. Has anyone encountered this problem? Anyone know of any workarounds?