> 2) I notice now that the certificate validation is working that I no > longer am prompted to enter my username and password. Even after > rebooting the WinXP computer, the connection to freeradius occurs > automatically. I suppose this might be convenient in some circles > but it's also a security risk in that if someone were to borrow my > computer they would not be challenged before getting access to the > network. Does anyone know where WinXP stores this info and if it > can be configured to always prompt for user/pass? > [HKEY_CURRENT_USER\Software\Microsoft\EAPOL\userEapInfo\]
You can make eapol.reg file that will delete this info Windows Registry Editor version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\EAPOL] [-HKEY_CURRENT_USER\Software\Microsoft\EAPOL\userEapInfo\] [HKEY_CURRENT_USER\Software\Microsoft\EAPOL\userEapInfo\] Then make an Xeapol.bat file to regedit /u /s c:\windows\eapol.reg Use gpedit.msc to add this batch file into the user configuration logoff scripts. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html