Personalizar o nome de usuário do Windows8 dot1x / PEAP WiFi por SSID

5

É uma pergunta aparentemente simples.

Como posso personalizar o nome de usuário do WPA2 Enterprise no Windows 8, por SSID?

Hackers de registro são bons para mim.

Passe o mouse abaixo para informações contextuais (não é realmente necessário para responder à pergunta) :

PROBLEM DETAILS:

We run WPA2 Enterprise (dot1x / PEAP) on our BYOD wlan with rotating credentials; one persistent problem I've not been able to solve is how I can get Windows 8 clients on this network.

The problem is that when people try to join with Windows8, Windows always sends the logged-in user's username by default. That's fine if you're going to use it, but our security policy forces us to use a static BYOD WPA2 Enterprise username and password on our Wireless Controller (rotated regularly).

It's not very hard to change this behavior in Windows 7, but Windows 8 introduced a new level of insanityGUI which makes it very hard to find how you customize the wlan's WPA2 Enterprise username.

ENVIRONMENT DETAILS:

1. People are encouraged to bring their own devices and use two factor IPSec VPN through the BYOD WiFi to their company desktop as they like.

2. This means that the logged in username on the BYOD device cannot be predicted... That's part of the reason for static BYOD WiFi credentials.

3. Even though Windows 8 asks for a WPA2 Enterprise username when you join, by default it overrides it and still uses the wrong username

4. The company network and BYOD network are firewalled from each other for all the obvious reasons.

5. Authentication stores are outside the scope of this question.


@EEAA correctly pointed out that parts of the security policy aren't helpful, but I still need to solve the problem. The problem exists regardless of whether we use a static username or rotating username.
    
por Mike Pennington 28.12.2016 / 17:20

1 resposta

3

Tente isto:

  1. Abra o painel de controle > Centro de Rede e Compartilhamento
  2. Selecione seu ID de rede, clique em Propriedades sem fio > Guia Segurança .
  3. Verifique se WPA2 Enterprise está selecionado como o tipo de segurança.
  4. Em "Selecione um método de autenticação de rede", selecione Microsoft: Protected EAP (PEAP) .
  5. Ao lado deste menu suspenso, clique em Configurações .
  6. Em "Selecionar o método de autenticação", selecione Senha protegida (EAP-MSCHAP v2)
  7. Ao lado deste menu suspenso, clique em Configurar .
  8. Desmarque a caixa "Usar automaticamente a opção de nome de login e senha do Windows (e domínio, se houver)".
por 10.01.2017 / 16:29