[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

How to disable The logon optimization in XP

Posted on 2010-08-25
11
Medium Priority
?
503 Views
Last Modified: 2012-05-10
Hi,

Our Logon scripts are not running as my Wireless connectivity is coming after user login.

We enabled the below feature from our 2008 AD GPO (We are using PEAP - TLS for wireless)  but no luck still my wireless is getting after user login

Global PO via "Computer Configuration\Administrative Templates\System\Logon\Always wait for the network at computer startup and logon"

is there any other way to do this
0
Comment
Question by:amitabhg
  • 5
  • 5
11 Comments
 
LVL 3

Expert Comment

by:clw3388
ID: 33522813
You might be using a third party utility to connect to your LAN - try using the Windows built-in utility instead.
"wireless Zero configuration"// It's a service and should fire before  you logon
0
 

Author Comment

by:amitabhg
ID: 33523605
This service is already running and we are using the same.

When we use PEAP - MSChap its working fine but with PEAP - TLS we are getting this problem
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 33524584
Make sure your computers are authorized to use your Wireless connection policy.  I added the Domain Computers group so that the PC can authenticate to the wireless if no user is logged in.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:amitabhg
ID: 33528570
Hi Kevin,

I didn't get what you are telling could you please tell where exactly i ca do this (Through GPO or NPS policy)
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 33537677
Under the NPS policy, under Conditions set the Windows Groups to DOMAIN\Domain Computers OR DOMAIN\Domain Users.
0
 

Author Comment

by:amitabhg
ID: 33539272
Hi Kevin,

We already implemented this but no luck..:(
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 2000 total points
ID: 33544977
Is your workstation set to authenticate as computer when computer information is available? In GPO it's under the wireless policy on the IEEE 802.1X tab.
0
 

Author Comment

by:amitabhg
ID: 33556129
Hi Kevin.

If i use PEAP - MSchap i can use that option but now i am using PEAP - TLS it will use both user and computer certificate for authentication.
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 2000 total points
ID: 33582646
To get back to the original question, you can disable logon optimization by using the following policy setting:
Computer Configuration\Administrative Templates\System\Logon\ Always wait for the network at computer startup and logon

http://support.microsoft.com/kb/305293

What you really want, though is for wireless to work before the user logs in.  I would check the event logs on the client and IAS server to see what is going on before the user logs in.  There must be errors in there describing what it wrong with your PEAP-TLS setup.  I am using PEAP-MSCHAP and it works like a champ.  Do you know if your machine auto-enrollment is working properly?
0
 

Author Comment

by:amitabhg
ID: 33633899
Hi Kevin,

Thanq for your update and sorry for the delay

Now we moved to PEAP-MSCHAP and its working perfectly.
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 33639137
Glad to be able to help.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
Measuring Server's processing rate with a simple powershell command. The differences in processing rate also was recorded in different use-cases, when a server in free and busy states.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

591 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question