I am in a hospital setting. We have several wireless laptops where users will need to connect to the wireless network and be able to login to active directory. I have found a way to do this for a single user on the laptop but these laptops are used by multiple users. Windows 7 will use one users domain credentials to connect to the wireless network and also login to the domain, but it will not do this for any other users that use the laptop. It appears that it will only remember one users credentials. I assume this is by design but I was wondering if anyone knew of a way to do this for multiple users on the same laptop. I know I could create a single service account to accomplish this but we prefer not to do this for security reasons. Any other suggestions?

We use GPO for that http://www.petri.co.il/creating_wireless_gpo_settings.htm

Hello, It's possible that your wireless software starts up connects to the network after Windows logon, so when your OS is trying to authenticate against a DC, wireless is not connected, and thus you cannot log in. It's possible that the one account you can log in to has cached credentials because you have logged in as that user using hardwire prior. To test this theory: 1. Log in using an ethernet cable as one of the users that cannot log in 2. Log out and then disconnect the ward wire. 3. Log in as that same user wirelessly. If you can log in, then the situation theorized is the likely culprit.Miguel Fra / Falcon IT Services Computer & Network Support, Miami, FL Visit our Knowledgebase and Support Sharepoint Site

Hello Falcon, That is pretty much what is happening. I haven't loooked at the GPO stuff that Brano mentioned but I am thinking becuase the situation plays out pretty much like you described the GPO will not make a difference.

We use GPO for that http://www.petri.co.il/creating_wireless_gpo_settings.htm I don't think the GPO will accomplish what I am looking for. I have a laptop that connects to the wireless network and is in AD. This laptop is used by multiple users. The problem is that the Wireless authentication happens after windows logon so it cannot authenticate to AD. I can make this work for one user but as Miguel mentioned below it maore than likely works for the one user because that one users credentials are cached from a previous logon. I am looking for a way for any AD user to be able to login to this laptop via the wireless network and authenticate to AD. Thanks for your suggestion though it will be helpful in other areas.

Hi , Please try to disable cached users credentials and check the result. To do this, click Start, type gpedit.msc in the Start Search box, press Enter, open Local Group Policy Editor. Navigate to Computer Configuration> Windows Settings>Security Settings> Local Policies> Security Options control of "Interactive Logon: Number of previous logons to cache (in case domain controller is not available)" to 0 logons (from the default of 10). Also, please check the wireless device if it have some configuration about cache users credentials. Hope it helps.Tracy Cai TechNet Community Support

Hello, Use the Windows wireless client, do not use third party wireless cleints. Then, when the CTRL+ALT+DEL login prompt appear, wait about 30 seconds. That should do the tricke. Also, look at the post below: http://support.microsoft.com/default.aspx?scid=kb;en-us;873485 http://forums.techarena.in/small-business-server/491549.htm Miguel Fra / Falcon IT Services Computer & Network Support, Miami, FL Visit our Knowledgebase and Support Sharepoint Site

I tried what was stated in this article and it does not work. Unless you cache credentials I don't see how it would work. If you cache credentials it only works for one user. I am looking for something like this except for multiple users on the same laptop.

Here's another thing you can try. http://community.spiceworks.com/how_to/show/2047 I would recommend contacting the laptop manuf. support because it may be that the wireless utility it brings may offer a way to do a wireless pre logon.Miguel Fra | Falcon IT Services, Miami, FL www.falconitservices.com | www.falconits.com | blog-KB

hello, im not entirley too sure about your scenario from your post.. but are you familiar with RADIUS? depending on what kind of access points you have in your environment you may already have it built on to them, if not, its worth looking into considering the price of them now. basically it will allow you to configure an access point to authenticate the laptop to the domain instead of each user's individual logon. once the laptop is connected to the network than the users credentials will be passed just as if they were plugged in at their desk. you than set up the "Network Policy and Access Service" server role on the server of your choice and from there you can configure your environment, a common setup for this is to create and active directory group for radius laptops, and you add the laptop computer object to that group in AD, than when the respective PC joins the wireless network configured for RADIUS it will allow for access to network resources. it also provides the layer of security in that only domain joined pc's will be able to connect to this network right up front. pretty simple solution and very cost effective given the solution it provides. might be worth looking into for your case... Regards. Ross Kotter Systems Administrator Microsoft Certified **************************************************************** Was This Post Helpful? Please Remember To Mark Post's As Helpful If It Assist's In Solving Your Issue. If This Post Provides You With An Answer To Your Problem Please Be Sure To Mark As Answer.