802.1x Credentials and reauthentication

802.1x Credentials and reauthentication

Post by Chris Hill » Fri, 10 Jun 2005 17:22:20


How can I force WIndows XP to reauthenticate using a different set of
credentials? (using PEAP-EAP-MSCHAPV2)

Disconnecting and reconnecting the network connection does not work.
Rebooting does not work. It uses the logon credentials by default, even
though I have unchecked "Automatically use my Windows logon name and
password (and domain if any)"

NB this is a wired connection, not wireless.


Chris Hills
IT Services
North East Worcestershire College

802.1x Credentials and reauthentication

Post by PJ » Fri, 17 Jun 2005 22:11:51

i Chris,

Did you ever get an answer to your question. I believe that we are
having similar issues. here is my post:


Thanks for the suggestion, but I am already getting an access denied

I need a login box to allow me to login with different username and

Also, while we are connecting to an SMB server it is a Mac OSX Server.

I need a client only solution, i.e. no server changes are allowed.

I just dont want the machine to pass the local username and password
when attempting to connect to \\server1\share.

We have tried setting the following local security policy to disabled:

1. Network Access: Do not allow storage of credentials or .NET passports
for network authentication.

2. Microsoft Network Client: Send unencrypted password to third-party
SMB servers.

David Rios wrote:

> On the sharing computer:
> Go to control pannel
> Click users
> Add the user name(s) that you want to DENY access. Make sure to give
them "Guest" privledges AND disable the account.
> Close the control pannel and the user manager.
> On the share:
> Go into the security settings of the share by right-clicking on it
and selecting "sharing an security" (from the computer you are sharing
the file.)
> on the sharing tab click "permissions"
> Add the username you want to disable
> Select the "Deny" checkboxes for that user. (Make sure you select
only the user you wish to deny, and not "everyone")
> Click "OK" repeatedly to exit.
> This should deny only that username.
> -David Rios
> "PJ" < XXXX@XXXXX.COM > wrote in message
news: XXXX@XXXXX.COM ...
>> I am having an issue, but then again, aren't we all?
>> Our environment is a large organization in a workgroup setting (no
>> All computers are running Windows XP Pro (SP2)
>> We have a generic local user account setup for each conference room
computer in our organization, let's say...
>> username: confroom
>> password: confroom
>> This enables any user to login and get basic access to a computer.
i.e. web browsing/email.
>> The confroom account also, is a valid account for email and file
>> We are using UNC paths to access network shares. Apparently mapping
a drive using different user credentials is too complicated for our users.
>> When users try to access an SMB network share, the local user info
is passed to, and accepted by the remote server.
>> The problem is that this generic user has no rights to any network
>> I want to prevent this auto-login process from happening.
>> I would like the user to be presented with a login box.
>> 1. Dilbert walks into a conference room and wants to use computer.
>> 2. Dilbert logins locally to computer using confroom account
>> 3. Dilbert attempts to use start-Run to access \\server1\share
>> 4. Dilbert hits enter and computer uses confroom account to authenticate
>> 5. Dilbert gets back error message that, "\\server1\shar