The computer itself can not authenticate to the domain if it does not have a
computer account in Active Directory via EAP-TLS. If you use PEAP there is
no computer authentication - only user configuration at the client end but
all computers would need to trust the certificate on the IAS server. A non
domain computer can request a certificate from a domain CA via Web
Enrollment and is often done for ipsec offline certificate requests. There
is also a Microsoft wireless newsgroup where you may want to post. ---
Steve
