M
Michael Mullins
I would like Win2k client PC's to boot up, run a program
called clientutility.exe for example, as a valid domain
user, and then log off so the domain logon screen is
displayed.
This is to activate a WPA (EAP-TLS with TKIP) certificate
based wireless LAN in advance of users logging on to
domain. Yes I am contemplating allocating a
single "user" account to each PC or room at worst, and
making that maintain the wi-fi connection. Then users
only need to log on to the domain, rather than faff about
with certificates and client utilities. (Customer doesn't
trust PEAP).
Before you scream how insecure that is, well I believe it
isn't insecure, as long as the certificate on each PC is
protected. And the only down side is you can't track
wireless user logon in the RADIUS log. In'it?
called clientutility.exe for example, as a valid domain
user, and then log off so the domain logon screen is
displayed.
This is to activate a WPA (EAP-TLS with TKIP) certificate
based wireless LAN in advance of users logging on to
domain. Yes I am contemplating allocating a
single "user" account to each PC or room at worst, and
making that maintain the wi-fi connection. Then users
only need to log on to the domain, rather than faff about
with certificates and client utilities. (Customer doesn't
trust PEAP).
Before you scream how insecure that is, well I believe it
isn't insecure, as long as the certificate on each PC is
protected. And the only down side is you can't track
wireless user logon in the RADIUS log. In'it?