4,659 questions
802.1x and computer GPO
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 67%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJR%3C/text%3E%3C/svg%3E)
Jérôme Quintard
1
Reputation point
Hi,
We use 802.1x with EAP-MSCHAPv2 / PEAP authentification to authenticate our users with dynamic VLAN assignment. It works perfectly but we have issues with computer GPO.
The problem is very simple : we use this kind of GPO to install apps from msi, vbs or mst files (using startup script). But this GPO are called before the user is authenticated on windows. During this time, the computer has no network connection and can't reach the sysvol or any cifs share. We tried to delayed the GPO but the issue is the same. We have open a paid ticket on the microsoft support, but since more than 2 month, we waiting a solution.
What is the best practice to use computer GPO with 802.1x ? Do you have any solution ?
Jerome
Windows for business | Windows Client for IT Pros | Networking | Network connectivity and file sharing
Windows for business | Windows Client for IT Pros | User experience | Other
Sign in to answer