Security

I'm building out an Wirless 802.1x enviroment using Clearpass as our Radius server.  the Authentication method is EAP-PEAP and I am using User and Machine authentication against Active Directory.  There are a few roles you can fall into.  "User only" users was authenticated using their AD creds.  "user or machine"  Machine was authenticated using it's machine account against AD.  "User and Machine" both the user and the machine were authenticated against AD.  Depending on the role fall into determines the access you are given.  for instance a "User Only" role will allow that user to connect to the wirless but they will only have access to the internet.  The problem i'm encountering is that when I test with my Windows10 laptop and I connect to the wireless network my machine is authenticated but not my user.  What i find odd is that when I choose the wireless network to connect to i'm never asked for my creds.  Any thoughts. 

How are you testing on your Windows10 client?

Machine authentication only takes place at specific times (logon, logoff and boot up (if single signon is enabled)).

If you have the client configured to use Windows credentials, you won't be prompted for any username/password.

Ensure your 802.1x configuration on the client is correct and then logoff and logon.