Can't Log into 802.1x wireless with local account using domain credentials after Windows 10 2004

Mike Murphy 41 Reputation points

I've been searching for a workaround and no luck so far. We use aruba-clearpass to manage our wireless infrastructure. We have a GPO in AD that handles 802.1x authentication. Prior to Win 10 2004, our techs could simply log into a new windows computer with a local admin account to set it up, and they could select the secure wireless network. The wireless interface on the device would prompt you for domain credentials and you could authenticate and finish binding to the domain etc.

This seems to have gone away with build 2004 and we cant find a solution. This makes setting up new Win 10 devices in a total wireless building or classroom very problematic. For reasons I don't fully understand, using the GPO setting "Computer Auth", even with the "wait for network before logging in" setting doesn't work properly, and Clearpass assumes it's unauthenticated still and dumps the connection into the more restrictive student vlan, so we have used the "Computer, User re-auth" GPO setting which has always worked just fine. We only have about a thousand Windows devices compared to thousands of Macs, and they have no issue using domain credentials to log in with those.

I appreciate any advice on this. Thanks much

A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,734 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,833 questions
Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,270 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Candy Luo 12,656 Reputation points Microsoft Vendor

    Hi ,

    Thanks for your posting here. In your case, we may need to trace and collect some logs to find clues. However, analysis of log is beyond our forum support level and due to forum security policy, we have no such channel to collect user log information. So we recommend you open a case with MS Professional tech support service, they will help you open a phone or email case to Microsoft, so that you would get a technical support on a one-to-one basis while ensuring private information.

    Here is the link:

    Best Regards,


    If the Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  2. Mike Murphy 41 Reputation points

    Then where is the Microsoft TechNet equivalent to ask questions about Active Directory Enterprise environments with 802.1x issues?