Windows Domain login unavailable even with PEAP machine authentication

Discussion in 'Wireless Networking' started by jmccabe1, Jan 11, 2006.

  1. jmccabe1

    jmccabe1 Guest

    So I have setup a Cisco 1200 WAP, a Cisco ACS 3.3 appliance, Win 2003
    AD server, and my laptop as a test machine. The ACS has the proper
    remote agent to talk to the Windows AD server. I have machine
    authentication enabled and at first glance, it appears to be working as
    the client authenticates to AD and is given an IP. I can ping the
    client, remote control it, etc. The problem is that the client (my
    laptop) can only login to the domain if the user has a cached profile
    on my machine. If I try another user that is on the domain, but has
    not logged onto my machine, I get error "The system cannot log you on
    now because the domain <domain> is not available.

    What am I missing?
    jmccabe1, Jan 11, 2006
    1. Advertisements

  2. jmccabe1

    jmccabe1 Guest

    I should mention the client is Win2000 using the builtin PEAP support
    with 'send computer name' enabled, as well as 'use windows logon
    jmccabe1, Jan 11, 2006
    1. Advertisements

  3. Your WLAN client needs to have Single Sign On (SSO) support that includes a
    system service and GINA DLL module, otherwise you won't be able to connect
    to the AP and network before you attempt to log into your domain account on
    your local machine.

    Phil Doragh
    Philip Doragh, Jan 12, 2006
  4. jmccabe1

    jmccabe1 Guest

    I have switched to using a Dell 1350 WLAN pcmcia card that supports
    SSO, CCX2, and has service based drivers. Not sure what is going on,
    but I've tried so many nic's that I am re-imaging my laptop to start
    from scratch. Too many wireless drivers installed, including Cisco,
    which kills MS PEAP.
    jmccabe1, Jan 12, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.