I may be wrong, but wouldn't the proper solution be to use the full "username@domain" for login as Microsoft recommended when AD was introduced? You could then have the network caching turned off.
We do not use EDUROAM but only use the network caching for non-domain (usually student owned) computers. Bruce Osborne Wireless Engineer IT Network Operations - Wireless (434) 592-4229 LIBERTY UNIVERSITY Training Champions for Christ since 1971 -----Original Message----- From: Harald Terkelsen [mailto:harald.terkel...@hioa.no] Sent: Thursday, November 3, 2016 10:50 AM Subject: Re: 802.1x (eduroam) Win10 - no prompt for new password after credential change On 11/01/2016 06:25 PM, Jonathan Miller wrote: > We are running into an issue where we have settings for eduroam pushed > out via GPO (which cert authority is good, user auth only, and a few > other settings). The problem that we are running into is that if we > check the 'cache credentials' option in the GPO, Win10 won't prompt > the user for their new password after a password change. Win7 and 8 > will both pop up and ask the user to re-enter their username and > password, it's just Win10 that won't. > > Has anybody else run into this? Yes: https://social.technet.microsoft.com/Forums/en-US/edabb0f1-7dda-4517-9af2-39dedeb7726d/update-user-credentials-on-a-wlan-profile-with-8021x-coming-from-gpo?forum=win10itpronetworking Our workaround is to install a script on the PC which deletes the registry key containing the cached credential when run. Harald Terkelsen Oslo and Akershus University College of Applied Sciences ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.