All-
Does anyone know:
1) Is there is a meaningful way to influence the User-Name attribute sent by a Windows EAP-TLS supplicant when using Computer Authentication via GPO or registry? (The whole host\fqdn bit.)
(and/or)
2) Is there a way to programmatically influence the username value of "Use a different user name for the connection" either by GPO or registry?
We are moving toward eduroam as a primary SSID and need a fully qualified username. We've long had eap-tls in play with computer auth/certs with our vanity SSID, and the *only* place we're struggling here is with our managed Windows machines. I'm not a windows client OS expert, but often find the folks here have a a deep well of knowledge I was hoping to tap into.
Thanks!
------------------------------
Kevin Schoenfeld
------------------------------