Security

hi,

we have an cleapass joined to domain,

we are checking if the user authentication only,

domain user is successfully looged in and uathentciated,

our issue when we try to loggoff that user and try to login again wirth different domain user !

we are not able to authenticate that user, till we shut the port ion cisco switch and open it again,

any help

Answer: you need to configure machine authentication on the workstation.

If you are using 802.1x for authentication, that means the workstation has no connection to the domain until the user authenticates.  Even when the user authenticates via 802.1x, if the user's profile is not on the machine, the user cannot authenticate.  If you configure machine authentication, the workstation with authenticate as a machine and have a connection to the domain at the ctrl-alt-delete screen, so it can download the user's profile when the user logs in.

Answer: you need to configure machine authentication on the workstation.

If you are using 802.1x for authentication, that means the workstation has no connection to the domain until the user authenticates.  Even when the user authenticates via 802.1x, if the user's profile is not on the machine, the user cannot authenticate.  If you configure machine authentication, the workstation with authenticate as a machine and have a connection to the domain at the ctrl-alt-delete screen, so it can download the user's profile when the user logs in.

i have already configured the workstation to accept user or machine authentication, and i unchecked the windows user name and password from the aythentiction tab,

it works only when i shut and no shut the cisco port or when the macine restart again

A new Machine Authentication should happen when you log out and hit ctrl-alt-del to log in again.

I'm assuming your workstation is Windows based. Added a screenshot of how the config should/might look on the machine itself.

For domain laptops you should keep the "Automatically use my windows" ... box checked.