So if authentication fails, dot1x will drop the connection, period. There is no way around that. The only way around it is to make sure your computer is configured to have only Machine Authentication on the wireless. That way, only the computer will authenticate and the user is out of the picture. If the user does not authenticate successfully to the computer, the user will not be able to get into the computer, but the computer will still have an ip address and can be managed.