Security

last person joined: 15 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Windows pre-login MAC vs hostname

This thread has been viewed 0 times

  • 1.  Windows pre-login MAC vs hostname

    Posted Apr 06, 2016 11:00 AM

    I'm trying to get pre-login working better so that we can get better computer policy application.  Pre-login is currently hitting a walled garden VLAN because we're only get MAC addresses, and then once in the OS, it auths as user and switches VLANs.  Anyone know in Windows how to get the machine to consistently just send their hostname?

     

    Example:

    inconsistencies.jpg



  • 2.  RE: Windows pre-login MAC vs hostname

    EMPLOYEE
    Posted Apr 06, 2016 11:02 AM
    Windows machines will only send their hostname as the username during a
    machine authentication.


  • 3.  RE: Windows pre-login MAC vs hostname

    Posted Apr 06, 2016 11:10 AM

    Okay.... so the only explanation is that my Juniper switch is re-writing it?



  • 4.  RE: Windows pre-login MAC vs hostname

    Posted Apr 06, 2016 10:13 PM

    Juniper took verbose logs and analyzed them... they say that their switch is receiving it by MAC and just forwarding that along.  Which means.... the ONLY explaination is that the switch inside our ShoreTel phones is somehow re-writing it.   UGH.......

     

    Anyone ever heard of this?



  • 5.  RE: Windows pre-login MAC vs hostname

    Posted Apr 06, 2016 10:19 PM
    So if you take the phone out of the equation it works properly ?


  • 6.  RE: Windows pre-login MAC vs hostname

    Posted Apr 06, 2016 10:21 PM

    That is exactly my next bit of testing.... just not at work at the moment.  :-)



  • 7.  RE: Windows pre-login MAC vs hostname

    Posted May 25, 2016 09:47 AM

    where you able to confirm or deny?



  • 8.  RE: Windows pre-login MAC vs hostname

    Posted May 25, 2016 09:51 AM

    It wasn't the phone.  It was Windows 7 being rediculously unpredictable.  It doesn't even seem to care what settings we have.  Even when we can get Windows 7 working... it often breaks TLS because the Skype for Business certificate is issued in the same exact common name and Windows 7 gets confused.

     

    We actually gave-up on Windows 7 being smooth with this system and have started a push to get to Windows 10.