Solved

Wireless GPO: "automatic" vs "on-demand"

Posted on 2008-10-02
13
3,057 Views
Last Modified: 2011-10-19
I have created Wireless GPO to configure Wifi connection to the Wireless access point (Cisco Airnet). GPO works and laptop (Windows XP Pro SP2) is connecting to AP without any problem.

The issue is that this connection is set to be "automatic" so laptop connects to AP whenever it is in a range. It is NOT possible to disconnect from AP neither change type of the connection from "automatic" to "on-demand" or "manual".

In GPO I cannot see any option to change setting "Automatically connect to available networks".
Any idea what other settings may be set in order to make this connection "on-demand" / "manual"?
Alternitevly, is any registry hack available (in addition to GPO) to achieve the desired settings?
0
Comment
Question by:igor-1965
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
13 Comments
 
LVL 6

Expert Comment

by:thernlund
ID: 22628126
I'm not sure if this is the answer you're after, but...

In your wireless access policy (Windows Settings/Security Setting/Wireless Network (IEEE 802.11) Policies), open your policy.  In the drop-down labeled "Networks to access:", set to "Any available...".

On bott if the computer is in range of the network your GPO defines, it will conenct.  No way around that that I've ever heard of.  But you should be able to disconnect and re-connect to another network.


-T.
0
 
LVL 6

Expert Comment

by:thernlund
ID: 22628258
That was "On boot if the computer is in range..."


-T.
0
 
LVL 14

Author Comment

by:igor-1965
ID: 22632396
"Any available network" was already in use. But I cannot see any option "On boot if the computer is in range...". Where is located?

Thank you.
Igor
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 6

Expert Comment

by:thernlund
ID: 22637640
No, no.  What I was saying is that if the computer is in range on boot it will try to connect.  I've never seen any way around that.  However, you should be able to disconnect and reconnect to another network without issue.


-T.
0
 
LVL 14

Author Comment

by:igor-1965
ID: 22641235
At my first tests it was not possible to disconnect from AP after the connection established. But I will be reconfigure AP on Monday and retest GPO / connection issue and confirm.
0
 
LVL 6

Expert Comment

by:thernlund
ID: 22642170
It occurs to me that if you want users to connect manually rather than automatically, just don't define a policy at all.  Then the users will bring up the list of APs in Windows and pick which one they want to connect to.

That is to say, without a policy, it will all be managed by the user at his end rather than by you at the domain end.

If you're using RADIUS, of course set up IAS, but just don't define any policy in the domain.


-T.
0
 
LVL 14

Author Comment

by:igor-1965
ID: 22649740
Unfortunately, after the policy applied and AP is in the range I am not able to disconnect / switch to another WiFi network.

Manual configuration could help but it is a corporate-wide implementation (Access Points + GPO) to minimize the manual work setting up thousands laptops. I am looking for a workaround that would allow me to switch the WiFi networks while laptop is in the office.
0
 
LVL 6

Expert Comment

by:thernlund
ID: 22651531
Hmmm... well, my machines have a WiFi policy applied and I am able to disconnect from the default and connect to any other available.

Reading back through the whole thread, I don't think I'm sure of what exactly your after.

A)  If you want the laptop to not connect to anything on boot up, then don't configure a policy.  This is the only way.  If there is a policy, the machine will connect.  Without a policy machines should still be able to connect with RADIUS and zero config, but they won't connect on boot (the user must connect manually after login).  However, this can present a problem for computer policies as the machine is not connected before login, and as such the computer policies are not processed.

B)  If you want them to connect but be able to manually disconnect and reconnect to another network, this is doable.  I do it all the time.  However, without seeing your config I'm not sure what's wrong.


-T.
0
 
LVL 14

Author Comment

by:igor-1965
ID: 22701694
Sorry for not replying sooner. I am attaching the screen shots of my GPO settings. Please have a look.

Thank you
Igor
 
GPO-1.jpg
GPO-2.jpg
GPO-3.jpg
GPO-4.jpg
GPO-5.jpg
GPO-6.jpg
0
 
LVL 6

Accepted Solution

by:
thernlund earned 500 total points
ID: 22704310
These setting are just as mine are.  As such, I think what you're after might be elsewhere.

Possibly you have some other network policy configured not related to the connection being wired or wireless?


-T.
0
 
LVL 14

Author Comment

by:igor-1965
ID: 22704717
Yes, we have some policies applied. But which one could be a culprit?
0
 
LVL 14

Author Closing Comment

by:igor-1965
ID: 31502345
T. - you might be right and the problem resides somewhere else rather than in GPO. I suspect it might be Cisco Airnet AP + laptops WiFi cards combination but have no resources to take the further tests. Thanks for your time and efforts.
Igor
0
 

Expert Comment

by:vwaadmin
ID: 23876370
Igor, I have the same problem and setup as you. I have run RsOP and have not found any conflicting policies. Did you find a solution to your problem?
0

Featured Post

SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question