Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 496
  • Last Modified:

How to disable The logon optimization in XP

Hi,

Our Logon scripts are not running as my Wireless connectivity is coming after user login.

We enabled the below feature from our 2008 AD GPO (We are using PEAP - TLS for wireless)  but no luck still my wireless is getting after user login

Global PO via "Computer Configuration\Administrative Templates\System\Logon\Always wait for the network at computer startup and logon"

is there any other way to do this
0
amitabhg
Asked:
amitabhg
  • 5
  • 5
2 Solutions
 
clw3388Commented:
You might be using a third party utility to connect to your LAN - try using the Windows built-in utility instead.
"wireless Zero configuration"// It's a service and should fire before  you logon
0
 
amitabhgAuthor Commented:
This service is already running and we are using the same.

When we use PEAP - MSChap its working fine but with PEAP - TLS we are getting this problem
0
 
kevinhsiehCommented:
Make sure your computers are authorized to use your Wireless connection policy.  I added the Domain Computers group so that the PC can authenticate to the wireless if no user is logged in.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
amitabhgAuthor Commented:
Hi Kevin,

I didn't get what you are telling could you please tell where exactly i ca do this (Through GPO or NPS policy)
0
 
kevinhsiehCommented:
Under the NPS policy, under Conditions set the Windows Groups to DOMAIN\Domain Computers OR DOMAIN\Domain Users.
0
 
amitabhgAuthor Commented:
Hi Kevin,

We already implemented this but no luck..:(
0
 
kevinhsiehCommented:
Is your workstation set to authenticate as computer when computer information is available? In GPO it's under the wireless policy on the IEEE 802.1X tab.
0
 
amitabhgAuthor Commented:
Hi Kevin.

If i use PEAP - MSchap i can use that option but now i am using PEAP - TLS it will use both user and computer certificate for authentication.
0
 
kevinhsiehCommented:
To get back to the original question, you can disable logon optimization by using the following policy setting:
Computer Configuration\Administrative Templates\System\Logon\ Always wait for the network at computer startup and logon

http://support.microsoft.com/kb/305293

What you really want, though is for wireless to work before the user logs in.  I would check the event logs on the client and IAS server to see what is going on before the user logs in.  There must be errors in there describing what it wrong with your PEAP-TLS setup.  I am using PEAP-MSCHAP and it works like a champ.  Do you know if your machine auto-enrollment is working properly?
0
 
amitabhgAuthor Commented:
Hi Kevin,

Thanq for your update and sorry for the delay

Now we moved to PEAP-MSCHAP and its working perfectly.
0
 
kevinhsiehCommented:
Glad to be able to help.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now