Hi,
That would be supplicant-dependent, right? For example the Intel supplicant which I tried some time ago had a very solid opinion abou Well that is true, I guess I'm only familiar with Windows supplicants.
The Intel supplciant *is* for Windows. It comes coupled with Centrino chipsets and is a lot more usable than the *built-in* supplicant that comes with the OS. I say this just to make you aware that you may be badly advised if you do your non-conformance tests only against the XP/Vista built-in supplicant. Unless your corporate environment is locked down so that it prevents this supplicant from being installed, you should be very careful about the assumptions you have about your end-users equipment. Do you have any other devices that need network access? How about PDAs? SymbianOS, maybe even some freaky Linux users?
Anyway, it is a *very* bad idea to rely on such behaviour. I suggest a bucket of cold water into the face of the guy's management. An authentication server is used to authenticate users, not to non-authenticate users.
Once again, we're not relying on it - this is an emergency procedure, to be used in emergencies only. We're talking about availability as a component of security here. There is nothing wrong with a documented, tested plan for an emergency situation.
As you wish. Stefan Winter -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473