01-30-2017 08:10 AM
When a computer needs to be re-imaged remotely, is there a way to authenticate the newly imaged workstation on an internal LAN? A dot1.x group policy needs to be applied to the workstation, but looking for a way to give the machine network access before getting the GPO pushed down.
Solved! Go to Solution.
01-30-2017 08:20 AM
What I do to facilitate this need is detailed below:
In the Policy Set for the 802.1x Wired Network, create an Authentication Rule for Wired_MAB.
Then, for the Authorization Rule, place it just before the Default Rule and allow it to access specific network functions (DHCP, DNS, ISE, Image Server (or AD Domain Controller for Domain Joins).
Line 1 is DHCP
Line 2 is DNS
Line 3 is ping
Line 4 is ISE
Line 5 is AD DC/Imaging Server
This will allow for Domain Joins and re-imaging of machines, upon reboot and login, the GPO will be pushed to the client and then it's business as usual.
01-30-2017 08:20 AM
What I do to facilitate this need is detailed below:
In the Policy Set for the 802.1x Wired Network, create an Authentication Rule for Wired_MAB.
Then, for the Authorization Rule, place it just before the Default Rule and allow it to access specific network functions (DHCP, DNS, ISE, Image Server (or AD Domain Controller for Domain Joins).
Line 1 is DHCP
Line 2 is DNS
Line 3 is ping
Line 4 is ISE
Line 5 is AD DC/Imaging Server
This will allow for Domain Joins and re-imaging of machines, upon reboot and login, the GPO will be pushed to the client and then it's business as usual.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide