Solved

How to disable The logon optimization in XP

Posted on 2010-08-25
11
486 Views
Last Modified: 2012-05-10
Hi,

Our Logon scripts are not running as my Wireless connectivity is coming after user login.

We enabled the below feature from our 2008 AD GPO (We are using PEAP - TLS for wireless)  but no luck still my wireless is getting after user login

Global PO via "Computer Configuration\Administrative Templates\System\Logon\Always wait for the network at computer startup and logon"

is there any other way to do this
0
Comment
Question by:amitabhg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 3

Expert Comment

by:clw3388
ID: 33522813
You might be using a third party utility to connect to your LAN - try using the Windows built-in utility instead.
"wireless Zero configuration"// It's a service and should fire before  you logon
0
 

Author Comment

by:amitabhg
ID: 33523605
This service is already running and we are using the same.

When we use PEAP - MSChap its working fine but with PEAP - TLS we are getting this problem
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 33524584
Make sure your computers are authorized to use your Wireless connection policy.  I added the Domain Computers group so that the PC can authenticate to the wireless if no user is logged in.
0
Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 

Author Comment

by:amitabhg
ID: 33528570
Hi Kevin,

I didn't get what you are telling could you please tell where exactly i ca do this (Through GPO or NPS policy)
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 33537677
Under the NPS policy, under Conditions set the Windows Groups to DOMAIN\Domain Computers OR DOMAIN\Domain Users.
0
 

Author Comment

by:amitabhg
ID: 33539272
Hi Kevin,

We already implemented this but no luck..:(
0
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 500 total points
ID: 33544977
Is your workstation set to authenticate as computer when computer information is available? In GPO it's under the wireless policy on the IEEE 802.1X tab.
0
 

Author Comment

by:amitabhg
ID: 33556129
Hi Kevin.

If i use PEAP - MSchap i can use that option but now i am using PEAP - TLS it will use both user and computer certificate for authentication.
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 500 total points
ID: 33582646
To get back to the original question, you can disable logon optimization by using the following policy setting:
Computer Configuration\Administrative Templates\System\Logon\ Always wait for the network at computer startup and logon

http://support.microsoft.com/kb/305293

What you really want, though is for wireless to work before the user logs in.  I would check the event logs on the client and IAS server to see what is going on before the user logs in.  There must be errors in there describing what it wrong with your PEAP-TLS setup.  I am using PEAP-MSCHAP and it works like a champ.  Do you know if your machine auto-enrollment is working properly?
0
 

Author Comment

by:amitabhg
ID: 33633899
Hi Kevin,

Thanq for your update and sorry for the delay

Now we moved to PEAP-MSCHAP and its working perfectly.
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 33639137
Glad to be able to help.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question