Custom EAP package and pre-logon authentication RRS feed

  • Question

  • Hi All!

    I have custom EAP package (supports fingerprints, contactless cards and so on) which allows user to establish secure connection via VPN, wired or wireless network. In last cases (wired and wiress) my package can be used with 802.11 authentication. By historical reasons this package was implement as old EAP (not EAPHost). Also i have custom CP (credential provider) which allows user to logon to Windows domain via fingerprints etc. Now i want to see my EAP UI at logon screen. In other words, user should be able to authenticate on 802.11 enabled router, establish connection to DC and then logon to domain. But i don't see connect button on Logon Screen. If i change EAP package from my to MS Protected EAP together with MS-CHAP2 i see message in standard MS Password CP "Windows will try to logon to network". How this implemented in standard CP and MS-CHAP2?

    I read topics about EAP host and its support of SSO. Also i read topics about PLAP-compatible credential providers. But i don't understand anything :)

    Please help.

    Monday, May 14, 2012 10:28 AM