Solved

How to disable The logon optimization in XP

Posted on 2010-08-25
11
480 Views
Last Modified: 2012-05-10
Hi,

Our Logon scripts are not running as my Wireless connectivity is coming after user login.

We enabled the below feature from our 2008 AD GPO (We are using PEAP - TLS for wireless)  but no luck still my wireless is getting after user login

Global PO via "Computer Configuration\Administrative Templates\System\Logon\Always wait for the network at computer startup and logon"

is there any other way to do this
0
Comment
Question by:amitabhg
  • 5
  • 5
11 Comments
 
LVL 3

Expert Comment

by:clw3388
ID: 33522813
You might be using a third party utility to connect to your LAN - try using the Windows built-in utility instead.
"wireless Zero configuration"// It's a service and should fire before  you logon
0
 

Author Comment

by:amitabhg
ID: 33523605
This service is already running and we are using the same.

When we use PEAP - MSChap its working fine but with PEAP - TLS we are getting this problem
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 33524584
Make sure your computers are authorized to use your Wireless connection policy.  I added the Domain Computers group so that the PC can authenticate to the wireless if no user is logged in.
0
 

Author Comment

by:amitabhg
ID: 33528570
Hi Kevin,

I didn't get what you are telling could you please tell where exactly i ca do this (Through GPO or NPS policy)
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 33537677
Under the NPS policy, under Conditions set the Windows Groups to DOMAIN\Domain Computers OR DOMAIN\Domain Users.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 

Author Comment

by:amitabhg
ID: 33539272
Hi Kevin,

We already implemented this but no luck..:(
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 500 total points
ID: 33544977
Is your workstation set to authenticate as computer when computer information is available? In GPO it's under the wireless policy on the IEEE 802.1X tab.
0
 

Author Comment

by:amitabhg
ID: 33556129
Hi Kevin.

If i use PEAP - MSchap i can use that option but now i am using PEAP - TLS it will use both user and computer certificate for authentication.
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 500 total points
ID: 33582646
To get back to the original question, you can disable logon optimization by using the following policy setting:
Computer Configuration\Administrative Templates\System\Logon\ Always wait for the network at computer startup and logon

http://support.microsoft.com/kb/305293

What you really want, though is for wireless to work before the user logs in.  I would check the event logs on the client and IAS server to see what is going on before the user logs in.  There must be errors in there describing what it wrong with your PEAP-TLS setup.  I am using PEAP-MSCHAP and it works like a champ.  Do you know if your machine auto-enrollment is working properly?
0
 

Author Comment

by:amitabhg
ID: 33633899
Hi Kevin,

Thanq for your update and sorry for the delay

Now we moved to PEAP-MSCHAP and its working perfectly.
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 33639137
Glad to be able to help.
0

Featured Post

Too many email signature updates to deal with?

Do you feel like you are taking up all of your time constantly visiting users’ desks to make changes to email signatures? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

Join & Write a Comment

Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now