EDN Admin
Well-known member
I have been asked to create an application that will automatically configure a users machine to use a secure 802.1x Wireless network. I have actually figured out how to setup the wireless profile, but now I am faced with the problem of submitting the
users credentials. There is this API Call WlanSetProfileEapXmlUserData(). I have been able to find an example for a user-name and password, however I need to do this for certs.
Consider the following XML for an EAP-TLS type of authentication (certificate based):
<pre class="prettyprint <?xml version="1.0"?>
<EapHostUserCredentials xmlns="http://www.microsoft.com/provisioning/EapHostUserCredentials" xmlns:eapCommon="http://www.microsoft.com/provisioning/EapCommon" xmlns:baseEap="http://www.microsoft.com/provisioning/BaseEapMethodUserCredentials
<EapMethod>
<eapCommon:Type>13</eapCommon:Type>
<eapCommon:AuthorId>0</eapCommon:AuthorId>
</EapMethod>
<Credentials xmlns:eapUser="http://www.microsoft.com/provisioning/EapUserPropertiesV1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:baseEap="http://www.microsoft.com/provisioning/BaseEapUserPropertiesV1" xmlns:eapTls="http://www.microsoft.com/provisioning/EapTlsUserPropertiesV1
<baseEap:Eap>
<baseEap:Type>13</baseEap:Type>
<eapTls:EapType>
<eapTls:Username>username</eapTls:Username>
<eapTls:UserCert>00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00</eapTls:UserCert>
</eapTls:EapType>
</baseEap:Eap>
</Credentials>
</EapHostUserCredentials>[/code]
I assume the username is the name to be used with the cert, like when you manually pick the cert (when clicking on the supplicant bubble). Then there is the UserCert with all the nulls there. This I assume is the thumbprint of the cert I wish
to use. This is a guess because I cant find any actual documentation on this.
Anyway I can submit this with the API call (it returns success) however, the supplicant fails the authentication. I use something similar for username and password and that works, so I know my code is fundamentally correct. There has
to be something wrong or missing from this XML.
Is there anyone out there who can help me with this? Microsoft doesnt have any real documentation (that I can find) on how to use their own supplicant.
View the full article
users credentials. There is this API Call WlanSetProfileEapXmlUserData(). I have been able to find an example for a user-name and password, however I need to do this for certs.
Consider the following XML for an EAP-TLS type of authentication (certificate based):
<pre class="prettyprint <?xml version="1.0"?>
<EapHostUserCredentials xmlns="http://www.microsoft.com/provisioning/EapHostUserCredentials" xmlns:eapCommon="http://www.microsoft.com/provisioning/EapCommon" xmlns:baseEap="http://www.microsoft.com/provisioning/BaseEapMethodUserCredentials
<EapMethod>
<eapCommon:Type>13</eapCommon:Type>
<eapCommon:AuthorId>0</eapCommon:AuthorId>
</EapMethod>
<Credentials xmlns:eapUser="http://www.microsoft.com/provisioning/EapUserPropertiesV1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:baseEap="http://www.microsoft.com/provisioning/BaseEapUserPropertiesV1" xmlns:eapTls="http://www.microsoft.com/provisioning/EapTlsUserPropertiesV1
<baseEap:Eap>
<baseEap:Type>13</baseEap:Type>
<eapTls:EapType>
<eapTls:Username>username</eapTls:Username>
<eapTls:UserCert>00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00</eapTls:UserCert>
</eapTls:EapType>
</baseEap:Eap>
</Credentials>
</EapHostUserCredentials>[/code]
I assume the username is the name to be used with the cert, like when you manually pick the cert (when clicking on the supplicant bubble). Then there is the UserCert with all the nulls there. This I assume is the thumbprint of the cert I wish
to use. This is a guess because I cant find any actual documentation on this.
Anyway I can submit this with the API call (it returns success) however, the supplicant fails the authentication. I use something similar for username and password and that works, so I know my code is fundamentally correct. There has
to be something wrong or missing from this XML.
Is there anyone out there who can help me with this? Microsoft doesnt have any real documentation (that I can find) on how to use their own supplicant.
View the full article