|
Posted by =?Utf-8?B?SmFudWFy?= on October 31, 2006, 10:25 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Hi all,
I have problem with roaming profile when the 802.1x authentication is
configured and where there are 2 or more VLANs. If the machine authentication
succesful, IAS will instruct the switch to configure the port to VLAN x. Then
when a user logs on, IAS will instruct the switch to move the port to VLAN y.
For other group of users, we set to VLAN z.
The problem: the user won't be able to download (after logging in) and
upload (after logging off).
I notice that this is due to changing of VLAN on the switch: once the user
logs on, the switch will quickly move the port to VLAN y, while the IP
address of the PC still belongs to subnet of VLAN x. It means the PC cannot
contact the server until it gets a new valid IP address (in the VLAN x).
My setting:
AuthMode --> 1
SupplicantMode --> 3
(based on
http://technet2.microsoft.com/WindowsServer/en/Library/8e74974f-c951-48ce-8235-02f4ed8e74921033.mspx?mfr=true)
I tried to create:
GpNetworkStartPolicyTimeoutValue --> 60 (seconds)
(under HKLM\SOFTWARE\Microsoft\Windows NT\Current Version\Winlogon, based on
http://support.microsoft.com/default.aspx?scid=kb;en-us;840669) but no
success.
Is there any way to delay the downloading/uploading the profile? So that the
PC will have time to change the valid IP address before downloading/uploading
the user profile.
Thank you in advance.
| 
XML site map