JorgeSimarroVillar
asked on
Authenticate as computer with third party wireless client.
Hi,
We've justo set up an IAS Server and a few of Access Points. Next step is to configure the wireless clients in the laptops.
Several laptops come with thir party wireless clients which disable Windows wireless client and makes things quite difficult as you can't configure those clients via GPO.
On the other hand, it's quite useful for us to enable the option "Authenticate as computer when computer information is available" in the Windows Wireless Client and I wonder whether this is possible in the third party wireless clients. We need this feature because we want the to run logon and group polcies after the user does a successful logon to the domain.
Besides, I raise another scenario. A user is logged with domain cached credentials. Suddenly he wants to connect to the wireless to get access to the domain resources. How would be possible to run the logon scripts and GPO applied on that computer?.
Thank you.
We've justo set up an IAS Server and a few of Access Points. Next step is to configure the wireless clients in the laptops.
Several laptops come with thir party wireless clients which disable Windows wireless client and makes things quite difficult as you can't configure those clients via GPO.
On the other hand, it's quite useful for us to enable the option "Authenticate as computer when computer information is available" in the Windows Wireless Client and I wonder whether this is possible in the third party wireless clients. We need this feature because we want the to run logon and group polcies after the user does a successful logon to the domain.
Besides, I raise another scenario. A user is logged with domain cached credentials. Suddenly he wants to connect to the wireless to get access to the domain resources. How would be possible to run the logon scripts and GPO applied on that computer?.
Thank you.
I really don't see your problem here.
Your wireless access points transmit network name and
all you need is to set up security and that means providing
keys (wep...) to your laptops.So it makes no difference what
laptop clients are using for connection.
Why do you people complicate your life unnecessarily ?
Logging into domain is another issue separate from internet access...
Or perhaps you need to log in into domain to get internet access ?
Your wireless access points transmit network name and
all you need is to set up security and that means providing
keys (wep...) to your laptops.So it makes no difference what
laptop clients are using for connection.
Why do you people complicate your life unnecessarily ?
Logging into domain is another issue separate from internet access...
Or perhaps you need to log in into domain to get internet access ?
ASKER
Hi,
I need to be authenticated to the domain to have access to the wireless, that's why I installed IAS, becuase I want to authenticate to active directory.
How could I get access to the wireless without being logged into the domain?.
Thank you.
I need to be authenticated to the domain to have access to the wireless, that's why I installed IAS, becuase I want to authenticate to active directory.
How could I get access to the wireless without being logged into the domain?.
Thank you.
You generate a wep key (or whatever else for wireless security)
on the access point (setup) for accessing the internet.
The generated key is provided to clients.
When their laptops (or PC's) detect wireless they are prompted to join.
All they need to do is to supply the given key.
With key supplied they can automatically join the wireless network
(selecting 'join automatically') .
That means they have internet access.They do not need to log on to domain or
whatever.
ASKER
But I don't want to give a WEP key to the users, a key that they likely will lose right away. It's much easier that they use their active directory credentials.
We'll change the WEB key very frequently due to security reasons, and I guess that in your scenario we'll have to provide them with the new WEP key every time we change it. This is not very useful.
Of course, if they aren't logged to the domain they don't have Internet access.
Thank you.
We'll change the WEB key very frequently due to security reasons, and I guess that in your scenario we'll have to provide them with the new WEP key every time we change it. This is not very useful.
Of course, if they aren't logged to the domain they don't have Internet access.
Thank you.
You can use Mac filtering which is even better.
Its machine specific and no need to change keys.
You specify machine ID (obtained from their hardware - NIC) which
you then add.So unless they change the nic,it's always there...
Its machine specific and no need to change keys.
You specify machine ID (obtained from their hardware - NIC) which
you then add.So unless they change the nic,it's always there...
ASKER
I'm talking about hundred of laptops and mobile devices. Besides, these devices are replaced with new ones every two years. Can you imagine the load of work that handling with such a huge number of mac addresses will have to deal with?.
Thank you.
Thank you.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you.