Channel: Network Access Protection forum

EAP-PEAP-MSCHAPv2 Realm Stripping

Hi,

I'm having some problems here getting our WiFi setup working. The setup basically comes down to this: we're using PEAP-MSCHAPv2 as the authentication mechanism and the native Windows WZC clients to set up the connection and to provide the credentials.

There would be no problem if we were just using this on our own internal network/domain, but because we're a school we want to participate in the Eduroam project, which means we have to be able to authenticate users with the following username format: domain.country\username or username@domain.country. The NPS setup I have now only seems to be able to handle logins with the format of: username, domain\username or username@domain. This doesn't work with the Eduroam setup because they need the realm part to do the necessary proxying between the participating institutes, and so they need the country suffix part in the outer identity.

If I use another wireless client on the clients (like the Intel PROSet) I'm able to configure the outer and inner identity differently, which, technically speaking, would be a solution if it were not that a lot of our students can't use the Intel PROSet because they have a non-Intel WiFi chip.

I've also seen that it's possible to do some attribute manipulation in NPS in the CRP, but it seems to me that this only manipulates the outer identity part and not the inner part, because then the authentication still fails. I tried this on the username by using the pattern ".*\\(.*)" and replacing it with "DOMAIN\$1"; the manipulation seems to work according to the event logs, but the authentication still fails.

Any ideas on how to handle this?
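An added example, not part of the original post: it models the find/replace rule quoted above as a plain string rewrite over the identity formats the post lists, so the result for each format can be checked offline. The second rule, the sample identities and the in-order application of rules are assumptions made here; this models only the string rewrite, not NPS or the PEAP inner authentication.

```python
import re

# Rules as (find, replace) pairs using $N group references.
# Rule 1 is the one quoted in the post. Rule 2 is a hypothetical companion
# for the user@realm form, added for this example only.
RULES = [
    (r".*\\(.*)", r"DOMAIN\$1"),
    (r"(.*)@.*", r"DOMAIN\$1"),
]


def to_python_template(replace):
    """Convert a $N-style replacement into a Python re template.

    Literal backslashes are escaped first so that "DOMAIN\\" survives,
    then each $N becomes \\g<N>.
    """
    escaped = replace.replace("\\", "\\\\")
    return re.sub(r"\$(\d+)", r"\\g<\1>", escaped)


def rewrite(identity, rules):
    """Apply each rule once, in order, to the output of the previous rule.

    In-order application is an assumption of this model.
    """
    for find, replace in rules:
        identity = re.sub(find, to_python_template(replace), identity, count=1)
    return identity


# Constructed sample identities covering the formats named in the post.
SAMPLES = [
    "alice",                 # bare username
    r"SCHOOL\alice",         # domain\username
    r"school.nl\alice",      # domain.country\username
    "alice@school",          # username@domain
    "alice@school.nl",       # username@domain.country
]

if __name__ == "__main__":
    for ident in SAMPLES:
        only_post_rule = rewrite(ident, RULES[:1])
        both_rules = rewrite(ident, RULES)
        print(f"{ident!r:22} post rule -> {only_post_rule!r:18} both -> {both_rules!r}")
```

With only the pattern from the post, the two `@` forms pass through unchanged because the pattern requires a backslash; the backslash forms are rewritten to `DOMAIN\alice`.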

