?
Solved

Group Policy Processing over Wireless Connection

Posted on 2010-09-03
4
Medium Priority
?
2,882 Views
Last Modified: 2012-05-10
Hi,

We are facing a issue with Group Policy processing over Wireless connection. We have got some laptops where we have enabled wireless connection. We have IAS servers configured for Access Points. The authentication is happening through Active Directory and Microsoft certificate Authority server for Wireless.

The issue is we are able to connect and work fine, but when the user is reboot the laptop after connecting to the Wirelss connection, he is able to login and get the network but group policy is not getting applied.

I have enabled GPO Slow link detection but it does not help. I have made user to wait at logon prompt for sometime and then login but the issue persists.

I have tried to ping the laptop wireless when it is rebooting and found that the laptop is not pingable till user logs in.

The wireless connection is made "Windows manage this connecton" and get connected automatically once user logs in.

I wanted to know is there a way for us to get the wireless connection established before login prompt comes. I have tried the policy " Wait for network before login" I have also checked userenv logs and found that the Domain is not reachable because of which slow link detection and group policy processing is not happening.

Is there a way to connect wireless before login prompt
0
Comment
Question by:Neo_78
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 11

Expert Comment

by:Coast-IT
ID: 33595543
You need to not use 3rd party wireless applications.  To enable wireless to be active before windows logs in, you need to ensure that Windows is managing the wireless connections on the clients.

I know you seem to be setting this, but it can't be the case.

Try and uninstall all of the 3rd party utilities that "could" manage this connection, as I am sure this is the case.
0
 
LVL 22

Accepted Solution

by:
Jakob Digranes earned 1000 total points
ID: 33595689
You say you have IAS configured for authentication for wireless; I guess than that you have set it to User Authentication and not computer?
If so - the laptop will not be authenticated, and therefore, not connected to the network until user logs on ans is authenticated.

You should, however, have machine authentication - with user re-authentication, then the laptop is authenticated and connected before user logs on, and will then reauthenticate and reconnect when user logs on. then GPOs should be processed as planned.

Never use 3rd party software if you have IAS configured for wireless access
0
 
LVL 5

Expert Comment

by:Greg Jacknow
ID: 33598238
The above advice seems to make sense.  If you use the built in windows piece to manage the wireless network it should work.  You may want to try it without the IAS and get that working first to take that out of the troubleshooting first.
You indicated you had done this.
open up gpedit.msc

computer configuration/administrative templates/system/logon
change the " always wait for the network at computer startup and logon"
You can also try this:  http://support.microsoft.com/kb/840669
 
0
 

Author Closing Comment

by:Neo_78
ID: 33602139
Hi Jakob, It was absolute perfect Solution. I have added the computer account to the policy and it worked. Thanks a lot for the help I really appreciate it.

Cheers!!!!!
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question