Radius + AD + Machine auth before user logon

Muhammad Umer 1 Reputation point
2021-05-21T11:58:28.637+00:00

I have a windows server 2016 and I've configured Active Directory and DNS and Hyper-v on it.
In that physical server, I have created a VM which is another windows server and I made it my DHCP.

Need Solution:
I would like to allow machine joined the SSID without using users credentials, but the AD machine account.

Requirement
The objective is to build an automatic connection to a specific SSID before the user use his credentials.

The behavior I would like to have is :

  • First check if machine is in AD, if yes, then ok for connection
  • If Machine is not in AD (mobile users), ask for credentials

Kindly guide step wise procedure to achieve this task

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
11,748 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Candy Luo 12,646 Reputation points Microsoft Vendor
    2021-05-24T02:20:37.8+00:00

    Hi ,

    As far as I know, there is no native way can achieve your goal. NPS cannot combine user and machine authentication to make a decision.

    The similar thread has been discussed before, you could have a look:

    Radius + AD + Machine auth before user logon

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Best Regards,
    Candy

    --------------------------------------------------------------

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  2. Muhammad Umer 1 Reputation point
    2021-05-24T04:16:02.163+00:00

    No worries, if we can use only single authentication (machine) that is also fine.
    Could you please share the solution for the Machine Authentication process.


  3. Candy Luo 12,646 Reputation points Microsoft Vendor
    2021-05-24T07:08:32.823+00:00

    Hi ,

    We need to use computer certificate to authenticate devices. The following article talking about how to create a computer template and deploy wireless profile with computer authentication to clients, you could have a look:

    Wireless 802.1x Authentication Using Network Policy Server

    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.

    Best Regards,
    Candy

    --------------------------------------------------------------

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments