Change password with 802.1x WinXP and cached Passwords.

Change password with 802.1x WinXP and cached Passwords.

Post by Michael Ki » Tue, 26 Apr 2005 23:03:04


We use the built in 802.1x supplicate in Windows XP on our corporate
network, we also support around 2000 students that are not part of our
domain.

We've had them authenticating fine for almost a year now, by having them
uncheck "use my username/password/domain automatically".

Our domain policy has password expiration, and due to the fact that most of
the students change they're password in September, all of they're passwords
are expiring this week.

Now for the bad news. For the life of us, we can't figure out how to change
the cached credentials on the built-in 802.1x supplicant. We know how to
delete the EAPOL registry key, but trying to talk 2000 users thru this
process is looking like a nightmare. We know we can make a simple script to
delete the key, but we are still faced with the problem of distributing this
script to 2000 users, that will effectively have no internet access.

Is there a better way than deleting this registry key? (We've also found
removing, and reconfiguring they're wireless connection works). What would
be ideal is that when the supplicate get's a "bad password" response back is
a popup that allows you to overwrite the cached password. The worst part of
this nightmare is that it's going to happen everytime our password change
policy is enforced.