question

vojtech-9391 avatar image
0 Votes"
vojtech-9391 asked XiaopoYang-MSFT commented

Custom Credential Provider + 802.1x authentication

We are developing a custom Credential Provider (C++) and want to emulate the single-sign-on behaviour of default Windows Credential Providers. OneX Credential Provider uses undocumented WLan* and Dot3* APIs to provide this functionality (invoked from IConnectableCredentialProviderCredential::Connect() method).

What is the best approach to enabling network connectivity on network adapters with 802.1x authentication enabled using credentials collected with our custom Credential Provider?

windows-apic++
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

XiaopoYang-MSFT avatar image
0 Votes"
XiaopoYang-MSFT answered XiaopoYang-MSFT commented

Is this WLAN* API which you need? And according to this Q&A, It is proper to use the EAPHost framework.


· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Re networking APIs: the built-in OneX credential provider is using a sequence of undocumented API methods to achieve this: WLanInitPlapParams, WLanDoPlap, WLanDeInitPlapParams (and equivalent methods with Dot3* prefix from Dot3 API). This looks perfect for the purpose but these are not public APIs.

I should have mentioned we are working on an EAP supplicant but it is quite an overkill - all we ideally want is a way to simply supply credentials to existing network profile which is setup for pre-logon 802.1x.

0 Votes 0 ·

As of this time, EAPHost framework is the only best way.

0 Votes 0 ·