Wireless Networking - WLAN User

02-06-2007, 11:31 PM

Hello All,

Had a question on what rights/permissions does a wireless user need that is
using EAP-TLS with machine and user certificates.

My situation is that I have a user that has a machine and user certificate.
I boot up the laptop and can see the machine authenticate successfully. When
I login as the user he can never connect. It stays at "validating identity".

However, when I make the user a member of the local Administrator's group,
he can connect just fine. What gives? I cannot afford to make all of the
users of wireless administrators! If anyone has info on what access the
wireless user needs I would greatly appreciate it! (I have already tried
making the user a member of the network configuration group....no go)

TIA,
Drew

=?Utf-8?B?RHJld0NTVUM=?=

02-07-2007, 05:32 PM

Okay I have a little more info:

I used the "netsh ras set tracing * en" command and then looked through
the EAPOL generated log file. I found the ElGetUserIdentity function with
an error of 997.

This document:
http://www.microsoft.com/technet/pro.../wlansupp.mspx

Indicates that the certificate cannot be found (the certs are not pin
protected). What is up? When I open the Cert snap-in I cannot see them UNLESS
the user is local admin. Is this the way it HAS to be? Does anyone have a
solution to allow a
power user (or regular user) to see their certs when connected wirelessly?

Why would they be able to see when connected to the wire?

Confused,

Andrew

"DrewCSUC" wrote:

> Hello All,
>
> Had a question on what rights/permissions does a wireless user need that is
> using EAP-TLS with machine and user certificates.
>
> My situation is that I have a user that has a machine and user certificate.
> I boot up the laptop and can see the machine authenticate successfully. When
> I login as the user he can never connect. It stays at "validating identity".
>
> However, when I make the user a member of the local Administrator's group,
> he can connect just fine. What gives? I cannot afford to make all of the
> users of wireless administrators! If anyone has info on what access the
> wireless user needs I would greatly appreciate it! (I have already tried
> making the user a member of the network configuration group....no go)
>
> TIA,
> Drew

=?Utf-8?B?RHJld0NTVUM=?=

02-07-2007, 05:32 PM	#2
=?Utf-8?B?RHJld0NTVUM=?= Posts: n/a	RE: WLAN User Okay I have a little more info: I used the "netsh ras set tracing * en" command and then looked through the EAPOL generated log file. I found the ElGetUserIdentity function with an error of 997. This document: http://www.microsoft.com/technet/pro.../wlansupp.mspx Indicates that the certificate cannot be found (the certs are not pin protected). What is up? When I open the Cert snap-in I cannot see them UNLESS the user is local admin. Is this the way it HAS to be? Does anyone have a solution to allow a power user (or regular user) to see their certs when connected wirelessly? Why would they be able to see when connected to the wire? Confused, Andrew "DrewCSUC" wrote: > Hello All, > > Had a question on what rights/permissions does a wireless user need that is > using EAP-TLS with machine and user certificates. > > My situation is that I have a user that has a machine and user certificate. > I boot up the laptop and can see the machine authenticate successfully. When > I login as the user he can never connect. It stays at "validating identity". > > However, when I make the user a member of the local Administrator's group, > he can connect just fine. What gives? I cannot afford to make all of the > users of wireless administrators! If anyone has info on what access the > wireless user needs I would greatly appreciate it! (I have already tried > making the user a member of the network configuration group....no go) > > TIA, > Drew =?Utf-8?B?RHJld0NTVUM=?=

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
creating user defined service in windows	suresh_rtp	Software	0	05-05-2009 08:34 AM
ASP.NET with User Interface Process Application Block	robinp	Software	0	03-05-2007 10:01 AM
Ajax Atlas not working in User Control	faiq	Software	0	09-16-2006 08:28 AM
Any DVD Player that can override User Prohibitions?	Walter Traprock	DVD Video	3	12-03-2005 11:43 PM
TheDigitalReview: BABE SPECIAL EDITION - DVD REVIEW (User Review)	Mike McGee	DVD Video	0	12-04-2003 04:52 AM

02-06-2007, 11:31 PM	#1
	WLAN User Hello All, Had a question on what rights/permissions does a wireless user need that is using EAP-TLS with machine and user certificates. My situation is that I have a user that has a machine and user certificate. I boot up the laptop and can see the machine authenticate successfully. When I login as the user he can never connect. It stays at "validating identity". However, when I make the user a member of the local Administrator's group, he can connect just fine. What gives? I cannot afford to make all of the users of wireless administrators! If anyone has info on what access the wireless user needs I would greatly appreciate it! (I have already tried making the user a member of the network configuration group....no go) TIA, Drew =?Utf-8?B?RHJld0NTVUM=?=