Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

PCM/IDM - Clients will not put int the right Policy Group

Alen Ahja
Frequent Advisor

PCM/IDM - Clients will not put int the right Policy Group

We definied a Access Policies LAN-Computers which should include all Computers/Clients from the Active Directory for the 802.1x Authentication.

But all Clients will be put in the "Default Access Policy Group" and named different like the Hosname. The get always the Name "Host/Client_Hostname.FQDN"

Is this right?

Thanx for helping.
2 REPLIES
Holger Hasenaug
Trusted Contributor

Re: PCM/IDM - Clients will not put int the right Policy Group

A Windows PC which runs in a domain needs to contact the Windows domain server even before the user logs on the computer. E.g. Windows Group Policy Objects are already transferred to the computer before the user logs on.
Therefore 802.1X is by default a two step authentication process on MS Windows PCs:

1. A machine or computer authentication using â host/client_Hostname.FQDNâ as a 802.1X username.

2. A user authentication after the user enters username and password using â Windows Domain name\usernameâ as a 802.1X username.

You are able to change that depending on the OS Version and Service Pack either on the computer itself via the Registry, via the authentication settings inside the LAN properties or on the domain controller via the Group Policy Group settings.
Alen Ahja
Frequent Advisor

Re: PCM/IDM - Clients will not put int the right Policy Group

Hello!

That's clear but the computers won't be locatet in the right Policy.
All PC's will be gettint in the "Default Access Policy" of the IDM and not in the "LAN-Computer" Policy where the should get in becaulse all Domain-Computer are in this Active Directory GRoup.