Solved

Group Policy Processing over Wireless Connection

Posted on 2010-09-03
4
2,400 Views
Last Modified: 2012-05-10
Hi,

We are facing a issue with Group Policy processing over Wireless connection. We have got some laptops where we have enabled wireless connection. We have IAS servers configured for Access Points. The authentication is happening through Active Directory and Microsoft certificate Authority server for Wireless.

The issue is we are able to connect and work fine, but when the user is reboot the laptop after connecting to the Wirelss connection, he is able to login and get the network but group policy is not getting applied.

I have enabled GPO Slow link detection but it does not help. I have made user to wait at logon prompt for sometime and then login but the issue persists.

I have tried to ping the laptop wireless when it is rebooting and found that the laptop is not pingable till user logs in.

The wireless connection is made "Windows manage this connecton" and get connected automatically once user logs in.

I wanted to know is there a way for us to get the wireless connection established before login prompt comes. I have tried the policy " Wait for network before login" I have also checked userenv logs and found that the Domain is not reachable because of which slow link detection and group policy processing is not happening.

Is there a way to connect wireless before login prompt
0
Comment
Question by:Neo_78
4 Comments
 
LVL 11

Expert Comment

by:Coast-IT
ID: 33595543
You need to not use 3rd party wireless applications.  To enable wireless to be active before windows logs in, you need to ensure that Windows is managing the wireless connections on the clients.

I know you seem to be setting this, but it can't be the case.

Try and uninstall all of the 3rd party utilities that "could" manage this connection, as I am sure this is the case.
0
 
LVL 20

Accepted Solution

by:
Jakob Digranes earned 250 total points
ID: 33595689
You say you have IAS configured for authentication for wireless; I guess than that you have set it to User Authentication and not computer?
If so - the laptop will not be authenticated, and therefore, not connected to the network until user logs on ans is authenticated.

You should, however, have machine authentication - with user re-authentication, then the laptop is authenticated and connected before user logs on, and will then reauthenticate and reconnect when user logs on. then GPOs should be processed as planned.

Never use 3rd party software if you have IAS configured for wireless access
0
 
LVL 5

Expert Comment

by:Greg Jacknow
ID: 33598238
The above advice seems to make sense.  If you use the built in windows piece to manage the wireless network it should work.  You may want to try it without the IAS and get that working first to take that out of the troubleshooting first.
You indicated you had done this.
open up gpedit.msc

computer configuration/administrative templates/system/logon
change the " always wait for the network at computer startup and logon"
You can also try this:  http://support.microsoft.com/kb/840669
 
0
 

Author Closing Comment

by:Neo_78
ID: 33602139
Hi Jakob, It was absolute perfect Solution. I have added the computer account to the policy and it worked. Thanks a lot for the help I really appreciate it.

Cheers!!!!!
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

I know all systems administrator at some time or another has had to create a script to copy file from a server share to a desktop. Well now there is an easy way to do this in Group Policy. Using Group policy preferences is not hard. The first thing …
Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now