Sign in with
Sign up | Sign in
Your question

Access to Client running PEAP with Remote Desktop

Last response: in Wireless Networking
Share
Anonymous
a b F Wireless
February 1, 2005 2:35:04 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

I am running W 2003 with IAS on a wireless network using PEAP. My machines
will join the network based on computer and/or user like they should.

I need to get to remote machines using Remote Desktop to service them. When
Remote Desktop connects to a machine, the connectivity to the wireless
network is lost, the computer is locked with the account I logged in with.
The account I log in with has rights to access the network via wireless. Is
there any way around this?

Hopefully, this is enough info.
Anonymous
a b F Wireless
February 1, 2005 7:29:11 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Hi Chuck,

The scenario you describe (trying to Remote Desktop to a wirless client
machine) is currently an unsupported scenario. The problem lies with the
interaction of the Remote Desktop user and 802.1x authentication. The issue
is known and will be solved in Longhorn. I believe a knowledge base article
is in the works as well. The only way around this is to either not use
802.1x authentication or to use a wired interface.


"Chuck Neville" <ChuckNeville@discussions.microsoft.com> wrote in message
news:07CBB671-5083-4897-8F56-139AF8A5CC8D@microsoft.com...
>I am running W 2003 with IAS on a wireless network using PEAP. My machines
> will join the network based on computer and/or user like they should.
>
> I need to get to remote machines using Remote Desktop to service them.
> When
> Remote Desktop connects to a machine, the connectivity to the wireless
> network is lost, the computer is locked with the account I logged in with.
> The account I log in with has rights to access the network via wireless.
> Is
> there any way around this?
>
> Hopefully, this is enough info.
Anonymous
a b F Wireless
February 1, 2005 7:59:02 PM

Archived from groups: microsoft.public.windows.networking.wireless (More info?)

Depending on the exact nature of your work and security model, you can use
the following registry key change. It will authenticate the connection in
the context of the computers domain account and never try to switch to
authenticating in the user's context.

Just make sure that you understand that this is neutering your per user
authentication.

The setting of the AuthMode registry entry controls the computer and user
authentication behavior of Windows XP and Windows Server 2003.

Registry path
HKEY_LOCAL_MACHINE\Software\Microsoft\EAPOL\Parameters\General\Global\AuthMode

Version Windows XP and Windows Server 2003

AuthMode has the following values:

0 - Computer authentication mode. If computer authentication is successful,
no user authentication is attempted. If the user logon is successful before
computer authentication, user authentication is performed. This is the
default setting for Windows XP (prior to Service Pack 1).
1 - Computer authentication with re-authentication. If computer
authentication is successful, a subsequent user logon results in a
re-authentication with user credentials. The user logon has to complete in
60 seconds or the existing network connectivity is terminated. The user
credentials are used for subsequent authentication or re-authentication.
Computer authentication is not attempted again until the user logs off the
computer. This is the default setting for Windows XP Service Pack 1 (SP1)
and Windows Server 2003.
2 - Computer authentication only. When a user logs on, it has no effect on
the connection. Only computer authentication is performed. The exception to
this behavior is when a user successfully logs on, and then roams between
wireless APs. In that case, user authentication is performed. For changes to
this setting to take effect, restart the Wireless Zero Configuration service
for Windows XP or Windows Server 2003.

Cheers,

--
Mark Gamache
Certified Security Solutions
http://www.css-security.com



"Peter Bui[MS]" <peterbui@online.microsoft.com> wrote in message
news:errS44LCFHA.3336@TK2MSFTNGP11.phx.gbl...
> Hi Chuck,
>
> The scenario you describe (trying to Remote Desktop to a wirless client
> machine) is currently an unsupported scenario. The problem lies with the
> interaction of the Remote Desktop user and 802.1x authentication. The
> issue is known and will be solved in Longhorn. I believe a knowledge base
> article is in the works as well. The only way around this is to either
> not use 802.1x authentication or to use a wired interface.
>
>
> "Chuck Neville" <ChuckNeville@discussions.microsoft.com> wrote in message
> news:07CBB671-5083-4897-8F56-139AF8A5CC8D@microsoft.com...
>>I am running W 2003 with IAS on a wireless network using PEAP. My machines
>> will join the network based on computer and/or user like they should.
>>
>> I need to get to remote machines using Remote Desktop to service them.
>> When
>> Remote Desktop connects to a machine, the connectivity to the wireless
>> network is lost, the computer is locked with the account I logged in
>> with.
>> The account I log in with has rights to access the network via wireless.
>> Is
>> there any way around this?
>>
>> Hopefully, this is enough info.
>
>
!