802.1x authenticate computer only

Similar Messages

• I want to force lan cable plugin during login process on 802.1x computer only weird client

  Hi
  I Configured Wired and computer only  802.1x authentications on all my switch and client on my network  ,It works without any problem .
  I have user logon script to change local administrator password each time they log on ,I recently find out they boot with light cd and change the administrator password and unplug the lan cable boot the system and login with new administrator password after
  that they plug lan cable , as they computer account is valid in active directory they are authorized and access the LAN .
  they bypass some group policy by this way,
  how can I force 802.1x wired client computer to plug lan cable during boot and login process in order to prevent bypass user login group policy  ?
  I want to force lan cable plugin during login process on 802.1x computer only weird client?
  Rigards

  Hello,
  you can disable CD/USB with GPO settings to prevent the use from it.
  And for the change from the local admin password you should consider that the CEO of the company should make clear policies so users can legally be punished if they don't work with the company rules.
  You can manage lot of settings with scripts etc. BUT there is a time where the CEO is responsible about rules.
  Best regards
  Meinolf Weber
  MVP, MCP, MCTS
  Microsoft MVP - Directory Services
  My Blog: http://blogs.msmvps.com/MWeber
  Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
  Twitter:  

• 802.1X Machine Authentication ONLY!

  Hi. I have a customer who wants to perform 802.1x machine authentication only to prevent users connecting there own devices to the corporate network. The machine credentials will be authenticated via Cisco ACS which will proxy the authentication to ActiveDirectory. If successful, the 802.1x assigns the port to a VLAN. At this point, the port is 'opened up' and the user can recieve an IP address and can then login to the domain as normal (AD username/password) via the network login screen. Is this a workable solution?
  I basically want the end user to not notice anything new, but 802.1x operates in the background to authenticate the machine before displaying the network login box. To the user, the PC boots and displays the login box and they login as normal :-) If they bring in their own device, it will fail 802.1x machine authentication and will not get any access.
  Has anyone implemented this? Is it a feasible design?
  Thanks
  Darren

  Hi Darren,
  good news for you.. you can do this using the "Machine Access Restriction" on both ACS 4.x and ACS 5.x:
  * ACS 5.x:
  http://www.cisco.com/en/US/customer/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/users_id_stores.html#wp1254965
  * ACS 4.x:
  http://www.cisco.com/en/US/customer/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2.1/User_Guide/UsrDb.html#wp354105
  As soon as the machine performs the 802.1x using the client credentials, the ACS will keep this info on a cache and it will match any further auth attempt (e.g. using the user credentials) for this client using the "Calling-Station-ID", so basically the client's MAC address.
  Depending on whether a client performed or not Machine Authentication before, you can decide whether to assign a sort of restricted access/guest VLAN or to deny access.
  If the personal client doesn't have a 802.1x supplicant at all, then you can decide to enable the guest vlan feature on the switch itself.
  I hope this helps.
  Regards,
  Federico
  If this answers your question please mark the question as "answered" and rate it, so other users can easily find it.

• Synching apps with 2 user accounts, 3 devices and one computer only

  I have a question that I can't find a clear answer.
  I previous had one iPod touch and one iPad that I synched with my iTunes library. No problem. But now the wife has finally purchased a verizon iPhone and I want to be able to use my vast app collection for her phone.
  Scenario is we each have separate user accounts (so we can maintain our own calendars and contacts, ect.). We each have our own ITunes accounts and our own iTunes libraries by default. She will not be purchasing much on her account though.
  How do I, without creating a can of worms, create one library to sync to so I can put apps and music on her phone without erasing any of her separate information. I have read a lot on the subject and there does not seem to be a clear answer anywhere. Yes, I have read ht1495 but that does not seem to be exactly on point
  Basically, I have 3 devices, 2 user accounts and 2 iTunes accounts but one computer only. I want to be able to have all iTunes stuff available on both user accounts and be able to have both people be able to read and write to the same library. I am sure there are plenty of people running into this issue with more and more people getting iPhones with verizon. It seems that it is easier to do with multiple computers than one computer.
  So, I am looking for help or advice on the easiest way to accomplish this task.

  In a way, each iTunes libary is considered to be a different account. Your daughter's iTunes account doesn't have access to your wife's data which has all the verification data.
  One option would not only to place the library in a Shared area, but also the verification data. I poked around and am not sure where it's stored. It's a good discussion to have with an Apple store Genius if you have one nearby.

• HT1414 I can not sync my iPhone after restoring it - my computer only gives me the restore (again and again and again) option.  I have no music and only a few aps now on my iPhone.  Any tips before I go to the genius bar?

  I can not sync my iPhone after restoring it - my computer only gives me the restore (again and again and again) option.  I have no music and only a few aps now on my iPhone.  Any tips before I go to the genius bar?

  If you restored as new, without using a backup, and still only get an option to restore, there is a hardware problem or the phone was previously hacked (jailbroken, downgraded iOS, unauthorized unlock).  Your only option is to take it to Apple or whoever provides iPhone service in your country.

• My boyfriend who has an iPhone 5 just had his phone stolen, he has an iCloud account with find my iPhone app downloaded but we do not have access to a computer only the safari on my iphone 4s, where do I need to go and what do I need to do to access his

  My bitfriend who has an iPhone 5 just had his phone stolen, he has an iCloud account with find my iPhone app downloaded but we do not have access to a computer only the safari on my iphone 4s, where do I need to go and what do I need to do to access his

  You need to download the free Find my iPhone application from the App Store.

• I partitioned a small drive for a windows program, and now the computer only wants to boot to Windows.  How do I get back to Mac so I can have a choice of drives?

    I partitioned a small drive for a windows program, and now the computer only wants to boot to Windows.  How do I get back to Mac so I can have a choice of drives?

  That doesn't sound good. It sounds like the power outage might have corrupted the partition for OS X. I would suggest booting from the Install DVD that came with your Mac while holding down the C key. Once you have selected the language start up Disk Utility from the pull down menu and repair the disk. Once you have done that then repair permissions also.
  Allan

• I keep getting an error when trying to update an app- cannot connect to store. I logged out from my account and tried to log back in and got the same error. I am doing all this from my phone since I no longer own a personal computer (only work)

  I keep getting an error when trying to update an app- cannot connect to store. I logged out from my account and tried to log back in and got the same error. I am doing all this from my phone since I no longer own a personal computer (only work) since I use iCloud and I tunes match

  YAY!!! Saved it in my Mac's Firefox Bookmarks for easy future access!
  Hope you are having a lovely afternoon today! I'm about ready to go bobo....I have an early meeting, and I don't want to oversleep! The nice part is that I work remotely, so I only have to wake up 15 minutes or so before the meeting.... I don't even use an alarm clock anymore (really, my iPhone alarm, which is much more pleasant), unless I have to get up at 6:30 or something....
  TMI?
  GB

• MY COMPUTER ONLY SHOWS A BLACK SCREEN, WITH ONLY THE POP UP SHOWING .....VIEW AND TRACK YOUR DOWNLOADS

  MY COMPUTER ONLY SHOWS A BLACK SCREEN, WITH ONLY THE POP UP SHOWING .....VIEW AND TRACK YOUR DOWNLOADS

  Hi,
  First plaese unplug any external device (except the mouse and keyboard), then hold on the power button, perform a cold reboot, what is the result?
  If doesn't work, please press F8 (or other button, depend on your PC model) boot your compute into recovery console.
  You can restore your system to a previous point or perform a startup repair, please refer to the following link:
  What to do if Windows won't start correctly
  http://windows.microsoft.com/en-in/windows-vista/what-to-do-if-windows-wont-start-correctly
  Yolanda Zhu
  TechNet Community Support

• I have a brand new mini mac and a new apple TV. Both have been updated and can see my movies in itunes. I can use Netflix and stream music. I have tried to use my old laptop and it streams video fine. But my new computer only see a spinning circle.

  I have a brand new mini mac and a new apple TV. Both have been updated and can see my movies in itunes. I can use Netflix and stream music. I have tried to use my old laptop and it streams video fine. But my new computer only see a spinning circle.

  Please read this whole message before doing anything.
  This procedure is a diagnostic test. It won’t solve your problem. Don’t be disappointed when you find that nothing has changed after you complete it.
  The purpose of this test is to determine whether the problem is localized to your user account. Enable guest logins* and log in as Guest. Don't use the Safari-only “Guest User” login created by “Find My Mac.”
  While logged in as Guest, you won’t have access to any of your personal files or settings. Applications will behave as if you were running them for the first time. Don’t be alarmed by this; it’s normal. If you need any passwords or other personal data in order to complete the test, memorize, print, or write them down before you begin.
  Test while logged in as Guest. Same problem?
  After testing, log out of the guest account and, in your own account, disable it if you wish. Any files you created in the guest account will be deleted automatically when you log out of it.
  *Note: If you’ve activated “Find My Mac” or FileVault in OS X 10.7 or later, then you can’t enable the Guest account. The "Guest User" login created by "Find My Mac" is not the same. Create a new account in which to test, and delete it, including its home folder, after testing.

• HT1689 the computer I orginally sync"ed" to broke.  The new computer only has about a dozen songs.  How can I downdload my music from the Ipod to the computer?

  the computer I orginally syncd to broke.  The new computer only has about a dozen songs that were purchased from itunes.  Is there any way
  I can get the thousands of other songs from the ipod downloaded to the computer.

  - Connect the iPod to the computer and transfer iTunes purchases:
  iTunes Store: Transferring purchases from your iOS device or iPod to a computer
  - Transfer other music by using a third-party program like one of those discussed here:
  Copy music
  - Connect the iPod to the computer and make a backup by right clicking on the iPod under Devices in iTunes and select Back Up
  - Restore the iPod from that backup
  Note that the iPod backup that iTunes makes does not included synced media like apps and music.

• HT2900 Hi Is this parental control specific to a computer only ??

  For example, I wish to set some parental controls on my home network so that when my children log into their iPods or PC's or iPads that they are restricted from accessing certain content ?
  Can this be done by setting a parental control on the main computer only or does it need to be done on every device, or with my ISP
  Thanks

  That would be the user account on the computer. Parental controls have no connection with an Apple ID or iTuens Store account.
  There is no way to globally manage parental controls on all devices. Parental controls on the Mac are completely separate from controls on an iOS device. For a Mac, you set the parental controls for the user's account in Mac OS X (in the System Preferences) or, as Camelot indicated, on a Mac OS X Server, something few home users have or are willing to set up.
  For an iOS device, you would set up the controls on each device individuall unless you want to obtain and learn a mobile device management system such as Apple Configurator, JAMF's Casper, or another such solution. For most home users it's easist just to set up the iOS devices separately.
  Regards.

• HT200154 Both my apple tis are blinking fast.  I have unplugged everything including the TV but I do not have. Computer only an iPad and do know know how to resolve this matter.

  Both my apple tvs started blinking very fast and yesterday they were both working.  I have plugged and unplugged everything but I do not have a computer only an iPad and do not know of any way to restore the settings

  Here's how you may reset your Apple TV: Restore your Apple TV (2nd and 3rd generation) - Apple Support

• Can't install OSX Mountain Lion, on the disk selection screen i cant select the Macintosh HD to install OSX giving a message (This disk cannot be used to start up your computer).only have one disk to select and my partition map scheme is GUID partition

  just bough OSX Mountain Lion, my laptop operating with v10.6.8.  Can't install OSX Mountain Lion, on the disk selection screen i cant select the Macintosh HD to install OSX giving a message (This disk cannot be used to start up your computer).only have one disk to select and my partition map scheme is GUID partition table. 24.44gb disk available.

  Verify your computer can run Mountain Lion:
  Upgrading to Mountain Lion
  To upgrade to Mountain Lion you must have Snow Leopard 10.6.8 or Lion installed. Purchase and download Mountain Lion from the App Store. Sign in using your Apple ID. Mountain Lion is $19.99 plus tax. The file is quite large, over 4 GBs, so allow some time to download. It would be preferable to use Ethernet because it is nearly four times faster than wireless.
       OS X Mountain Lion - System Requirements
         Macs that can be upgraded to OS X Mountain Lion
           1. iMac (Mid 2007 or newer) - Model Identifier 7,1 or later
           2. MacBook (Late 2008 Aluminum, or Early 2009 or newer) - Model Identifier 5,1 or later
           3. MacBook Pro (Mid/Late 2007 or newer) - Model Identifier 3,1 or later
           4. MacBook Air (Late 2008 or newer) - Model Identifier 2,1 or later
           5. Mac mini (Early 2009 or newer) - Model Identifier 3,1 or later
           6. Mac Pro (Early 2008 or newer) - Model Identifier 3,1 or later
           7. Xserve (Early 2009) - Model Identifier 3,1 or later
  To find the model identifier open System Profiler in the Utilities folder. It's displayed in the panel on the right.
  Open Disk Utility and verify the drive is partitioned using GUID and formatted Mac OS Extended, Journaled. If it is then do this:
  Repair the Hard Drive and Permissions
  Boot from your Snow Leopard Installer disc. After the installer loads select your language and click on the Continue button. When the menu bar appears select Disk Utility from the Utilities menu. After DU loads select your hard drive entry (mfgr.'s ID and drive size) from the the left side list.  In the DU status area you will see an entry for the S.M.A.R.T. status of the hard drive.  If it does not say "Verified" then the hard drive is failing or failed. (SMART status is not reported on external Firewire or USB drives.) If the drive is "Verified" then select your OS X volume from the list on the left (sub-entry below the drive entry,) click on the First Aid tab, then click on the Repair Disk button. If DU reports any errors that have been fixed, then re-run Repair Disk until no errors are reported. If no errors are reported click on the Repair Permissions button. Wait until the operation completes, then quit DU and return to the installer.
  If DU reports errors it cannot fix, then you will need Disk Warrior and/or Tech Tool Pro to repair the drive. If you don't have either of them or if neither of them can fix the drive, then you will need to reformat the drive and reinstall OS X.
  Now try installing Mountain Lion.

• I have no sound in my computer, only with headphones, i tried the software update but it still doesn't work, and i have a red light on in my computer.

  I have no sound in my computer, only with headphones, i tried the software update but it still doesn't work, and i have a red light on in my computer. How to resolve that  ?

  Plug and unlpug the headphone jack with some intention to get the mechanical switch to flip.
  You can google for more intrusive methods. 
  ex. Read through all the many approachs: http://www.ifixit.com/Answers/View/8797/Audio+jack+problem,+no+speaker+sound,+re d+light