I am trying to set up an 802.1x network that will allow PCs with valid machine certificates to get authenticated by a RADIUS server and then re-authenticated with their login credentials, again via a RADIUS server that will in turn assign a VLAN based on the domain defined for the user. The machine certificate works fine, I see the EAPOL handshake between the switch and the RADIUS server, but when I attempt to log in I never see a request being sent to the RADIUS server. I am looking at debug information at the time that I try the login process, but nothing shows up in the debug.

I'm using the Windows supplicant, with the following registry settings:

Authmode = 1
1 - Computer authentication with re-authentication. If computer authentication is successful, a subsequent user logon results in a re-authentication with user credentials. The user logon has to complete in 60 seconds or the existing network connectivity is terminated. The user credentials are used for subsequent authentication or re-authentication. Computer authentication is not attempted again until the user logs off the computer. This is the default setting for Windows XP Service Pack 1 (SP1) and Windows Server 2003.
and SupplicantMode = 3
3 - Transmit per 802.1x. Sends an EAPOL-Start message upon association to initiate the 802.1X authentication process.
Does anyone have any experience with this?