As a matter of fact, this very setup saved my bacon this week. I had to get into an older Windows7 laptop, and while my domain account was a member of the admins group, I hadn't logged on since before my most recent password change (so it had my old password cached). AND the wired settings were unknown and didn't work on any LAN I tried. So I fired up 802.11i wireless... and the pre-Windows logon text box was added to my login screen, allowing me to authenticate to FreeRADUIS (Samba/ntlm-auth) and get on the network so my machine could talk to a DC and update to use my current password. FreeRADIUS saves the day :) Steve -----Original Message----- From: freeradius-users-bounces+steven.lovaas=colostate.edu@lists.freeradius.org [mailto:freeradius-users-bounces+steven.lovaas=colostate.edu@lists.freeradius.org] On Behalf Of Phil Mayers Sent: Friday, September 09, 2011 8:21 AM To: freeradius-users@lists.freeradius.org Subject: Re: Windows Pre-Login Auth On 09/09/2011 03:00 PM, Scott Hughes wrote:
Hello all,
I have been using FreeRadius for several years now and am stuck trying to make our Windows based wireless system authenticate PRIOR to user login.
I have searched the FreeRadius and Deploying FreeRadius sites as well as Google, but no luck. Here is a brief over-view of my FreeRadius setup:
1) Clients: Windows XP & Windows 7 (Professional in both cases - NO VISTA!)
2) Currently running FreeRadius version 2.0.5
3) Currently authenticating users via TLS/PEAP with computer name/username
I'm not sure what you're asking here. Pre-login auth is entirely client side. As long as FreeRADIUS can authenticate the users, it'll just work. Have you tried it? I assume you are using Samba/ntlm_auth to verify the PEAP/MSCHAP against your domain? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html