ONEX_CONNECTION_PROFILE structure

  • Article

The ONEX_CONNECTION_PROFILE structure contains information on the 802.1X connection profile currently used for 802.1X authentication.

Syntax

typedef struct _ONEX_CONNECTION_PROFILE {
  DWORD                dwVersion;
  DWORD                dwTotalLen;
  DWORD                fOneXSupplicantFlags  :1;
  DWORD                fsupplicantMode  :1;
  DWORD                fauthMode  :1;
  DWORD                fHeldPeriod  :1;
  DWORD                fAuthPeriod  :1;
  DWORD                fStartPeriod  :1;
  DWORD                fMaxStart  :1;
  DWORD                fMaxAuthFailures  :1;
  DWORD                fNetworkAuthTimeout  :1;
  DWORD                fAllowLogonDialogs  :1;
  DWORD                fNetworkAuthWithUITimeout  :1;
  DWORD                fUserBasedVLan  :1;
  DWORD                dwOneXSupplicantFlags;
  ONEX_SUPPLICANT_MODE supplicantMode;
  ONEX_AUTH_MODE       authMode;
  DWORD                dwHeldPeriod;
  DWORD                dwAuthPeriod;
  DWORD                dwStartPeriod;
  DWORD                dwMaxStart;
  DWORD                dwMaxAuthFailures;
  DWORD                dwNetworkAuthTimeout;
  DWORD                dwNetworkAuthWithUITimeout;
  BOOL                 bAllowLogonDialogs;
  BOOL                 bUserBasedVLan;
} ONEX_CONNECTION_PROFILE, *PONEX_CONNECTION_PROFILE;

Members

dwVersion

The version of this ONEX_CONNECTION_PROFILE structure.

dwTotalLen

The length, in bytes, of this ONEX_CONNECTION_PROFILE structure.

fOneXSupplicantFlags

Indicates if the ONEX_CONNECTION_PROFILE structure contains valid data in the dwOneXSupplicantFlags member.

fsupplicantMode

Indicates if the ONEX_CONNECTION_PROFILE structure contains valid data in the supplicantMode member.

fauthMode

Indicates if the ONEX_CONNECTION_PROFILE structure contains valid data in the authMode member.

fHeldPeriod

Indicates if the ONEX_CONNECTION_PROFILE structure contains valid data in the dwHeldPeriod member.

fAuthPeriod

Indicates if the ONEX_CONNECTION_PROFILE structure contains valid data in the dwAuthPeriod member.

fStartPeriod

Indicates if the ONEX_CONNECTION_PROFILE structure contains valid data in the dwStartPeriod member.

fMaxStart

Indicates if the ONEX_CONNECTION_PROFILE structure contains valid data in the dwMaxStart member.

fMaxAuthFailures

Indicates if the ONEX_CONNECTION_PROFILE structure contains valid data in the dwMaxAuthFailures member.

fNetworkAuthTimeout

Indicates if the ONEX_CONNECTION_PROFILE structure contains valid data in the dwNetworkAuthTimeout member.

fAllowLogonDialogs

Indicates if the ONEX_CONNECTION_PROFILE structure contains valid data in the bAllowLogonDialogs member.

fNetworkAuthWithUITimeout

Indicates if the ONEX_CONNECTION_PROFILE structure contains valid data in the dwNetworkAuthWithUITimeout member.

fUserBasedVLan

Indicates if the ONEX_CONNECTION_PROFILE structure contains valid data in the bUserBasedVLan member.

dwOneXSupplicantFlags

A set of 802.1X flags that can be present in the profile. These flags are reserved for internal use by the 802.1X authentication module.

supplicantMode

The supplicantMode element in the 802.1X schema that specifies the method of transmission used for EAPOL-Start messages. For more information, see the supplicantMode (OneX) Element in the 802.1X scheme.

Value Meaning
OneXSupplicantModeInhibitTransmission
0
 EAPOL-Start messages are not transmitted. Valid for wired LAN profiles only.
OneXSupplicantModeLearn
1
 The client determines when to send EAPOL-Start packets based on network capability. EAPOL-Start messages are only sent when required. Valid for wired LAN profiles only.
OneXSupplicantModeCompliant
2
 EAPOL-Start messages are transmitted as specified by 802.1X. Valid for both wired and wireless LAN profiles.

 

authMode

The authMode element in the 802.1X schema that specifies the type of credentials used for 802.1X authentication. For more information, see the authMode (OneX) Element in the 802.1X scheme.

Value Meaning
OneXAuthModeMachineOrUser
0
 Use machine or user credentials. When a user is logged on, the user's credentials are used for authentication. When no user is logged on, machine credentials are used.
OneXAuthModeMachineOnly
1
 Use machine credentials only.
OneXAuthModeUserOnly
2
 Use user credentials only.
OneXAuthModeGuest
3
 Use guest (empty) credentials only.
OneXAuthModeUnspecified
4
 Credentials to use are not specified.

 

dwHeldPeriod

The heldPeriod element in the 802.1X schema that specifies the length of time, in seconds, in which a client will not re-attempt authentication after a failed authentication attempt. For more information, see the heldPeriod (OneX) Element in the 802.1X scheme.

dwAuthPeriod

The authPeriod element in the 802.1X schema that specifies the maximum length of time, in seconds, in which a client waits for a response from the authenticator. If a response is not received within the specified period, the client assumes that there is no authenticator present on the network. For more information, see the authPeriod (OneX) Element in the 802.1X scheme.

dwStartPeriod

The startPeriod element in the 802.1X schema that specifies the length of time, in seconds, to wait before an EAPOL-Start is sent. An EAPOL-Start message is sent to start the 802.1X authentication process. For more information, see the startPeriod (OneX) Element in the 802.1X scheme.

dwMaxStart

The maxStart element in the 802.1X schema that specifies the maximum number of EAPOL-Start messages sent. After the maximum number of EAPOL-Start messages has been sent, the client assumes that there is no authenticator present on the network. For more information, see the maxStart (OneX) Element in the 802.1X scheme.

dwMaxAuthFailures

The maxAuthFailures element in the 802.1X schema that specifies the maximum number of authentication failures allowed for a set of credentials. For more information, see the maxAuthFailures (OneX) element in the 802.1X schema.

dwNetworkAuthTimeout

The time, in seconds, to wait for 802.1X authentication completion before normal logon proceeds. This value is used in single signon (SSO) scenarios. This value defaults to 10 seconds in an 802.1X profile. For more information, see the maxDelay (singleSignOn) Element in the 802.1X schema.

dwNetworkAuthWithUITimeout

The maximum duration time, in seconds, to wait for a connection in case a user interface dialog box that requires user input is displayed during the per-logon SSO.

On Windows Vista with SP1 and later, this value is hardcoded to 10 minutes and is not configurable. On Windows Vista Release to Manufacturing, this value defaults to 60 seconds in an 802.1X profile and was controlled by the maxDelayWithAdditionalDialogs element in the schema.

On Windows Vista with SP1 and later, the maxDelayWithAdditionalDialogs element in the 802.1X schema is ignored and deprecated.

bAllowLogonDialogs

A value that specifies whether to allow EAP dialogs to be displayed when using pre-logon SSO. For more information, see the allowAdditionalDialogs element in the 802.1X schema.

bUserBasedVLan

The userBasedVirtualLan element in the 802.1X schema that specifies if the virtual LAN (VLAN) used by the device changes based on the user's credentials. Some network access server (NAS) devices change the VLAN after a user authenticates. When userBasedVirtualLan is TRUE, the NAS may change a device's VLAN after a user authenticates. For more information, see the userBasedVirtualLan (singleSignOn) Element in the 802.1X scheme.

Remarks

The ONEX_CONNECTION_PROFILE structure is used by the 802.1X module, a new wireless configuration component supported on Windows Vista and later.

The ONEX_RESULT_UPDATE_DATA contains information on a status change to 802.1X authentication. The ONEX_RESULT_UPDATE_DATA structure is returned when the NotificationSource member of the WLAN_NOTIFICATION_DATA structure is WLAN_NOTIFICATION_SOURCE_ONEX and the NotificationCode member of the WLAN_NOTIFICATION_DATA structure for received notification is OneXNotificationTypeResultUpdate. For this notification, the pData member of the WLAN_NOTIFICATION_DATA structure points to an ONEX_RESULT_UPDATE_DATA structure that contains information on the 802.1X authentication status change.

If the fOneXAuthParams member in the ONEX_RESULT_UPDATE_DATA structure is set, then the authParams member of the ONEX_RESULT_UPDATE_DATA structure contains an ONEX_VARIABLE_BLOB structure with an ONEX_AUTH_PARAMS structure embedded starting at the dwOffset member of the ONEX_VARIABLE_BLOB. The oneXConnProfile member of the ONEX_AUTH_PARAMS structure contains an ONEX_VARIABLE_BLOB structure with an ONEX_CONNECTION_PROFILE structure embedded starting at the dwOffset member of the ONEX_VARIABLE_BLOB.

The ONEX_CONNECTION_PROFILE structure is not defined in a public header file.

Requirements

Requirement Value
Minimum supported client
 Windows Vista [desktop apps only]
Minimum supported server
 Windows Server 2008 [desktop apps only]

See also

About the ACM Architecture

OneX Schema

authMode (OneX) Element

authPeriod (OneX) Element

heldPeriod (OneX) Element

maxAuthFailures (OneX)

maxStart (OneX) Element

startPeriod (OneX) Element

supplicantMode (OneX) Element

userBasedVirtualLan (singleSignOn) Element

ONEX_AUTH_PARAMS

ONEX_NOTIFICATION_TYPE

ONEX_RESULT_UPDATE_DATA

OneX Schema Element

ONEX_VARIABLE_BLOB

WLAN_NOTIFICATION_DATA

WlanRegisterNotification