Security

 View Only
Expand all | Collapse all

new wired 802.1x user

This thread has been viewed 73 times
  • 1.  new wired 802.1x user

    Posted Jul 14, 2023 07:46 PM

    Hello  i got a question 

    We have a client that does this:

    The support team join the machine on the AD domain  and set the machine.  

    They create a user and a random password for the user and then they turn off the machine of their account.

    They give the new user the machine so they can log in with their new user -and they can change their random password with the new password

    Now i face a problem here,  and its that the support team are using a free 802.1x port so they dont have any issue with putting the machine in the AD and all that

    But when the new user try to log in with their new user that does not have their profile in that machine and that has never connected to the network they get the error that they cannot connect to the network, it says that the domain is not avaliable, and i should be sure that its connected to the network. 

    I see in the clearpass that it try to connect doing machine authentication instead of using the user and password 

    And now that i think.  I would have a big problem when we change to eap TLS because there is no way they can get the user certificate if the user has not connected yet to their proflle and download the group policy that give it the user certificate

    I don tknow how to go around this.

    Does the user has to alwasy authenticate  the first time without a port wirhtout the 802.1x  authentication? 

    Any ideas of how you all guys do this ?