Solved

How do I push software to 7/XP wireless clients through a GPO?

Posted on 2011-02-15
5
394 Views
Last Modified: 2012-05-11
Hello,

We are running Windows 7 and XP clients in a Windows 2003/2008 environment, using IAS for wireless authentication. When attempting to push down software through a GPO, the installation never works on the wireless clients, probably due to authentication timing issues. Is there a way to delay the logon so that the wireless clients can pick up to GPO? I was told that there was a .DLL that could do this. Is anyone aware of it?
0
Comment
Question by:srfergus
5 Comments
 
LVL 30

Expert Comment

by:ded9
Comment Utility
Hi,

Check this article

http://www.experts-exchange.com/Networking/Wireless/Q_22835801.html

Should resolve your problem.


Ded9
0
 

Expert Comment

by:kylerabe
Comment Utility
You need to have the clients logging into the wireless network as they are logging into the computer/domain.  Somtimes this requires the use of software from your wireless card's manufacturer (Intel ProSet Wireless), but can usually be done in Windows 7 using single sign on.  Go to the Network and Sharing Center and click Manage wireless networks.  Right click on your office's wireless network and click Properties.  On the Security tab, click Advanced Settings.  You should see an option to enable single sign on.  You want to perform it immediately before logon. If each employee has different credentials for the wireless network, you also need to allow additional dialogs to be displayed during single sign on.  When you reboot your machine you should see not only a form for your domain username and password, but also your wireless credentials.  
0
 

Expert Comment

by:kylerabe
Comment Utility
more information about Intel ProSet can be found here: http://www.intel.com/support/wireless/wlan/sb/CS-014563.htm
0
 
LVL 1

Accepted Solution

by:
jimmernet earned 500 total points
Comment Utility
You need to set a GPO called "wait for network" It's somewhere buried in the computer configuration area. This does not let the login process continue until the network (wireless in this case) is established. Without this setting, the users are effectively logging on using cached credentials.

Also There are some settings in GPO for wireless to allow the computer itself to authenticate to the wireless AP/ domain instead of a user. This is useful if a user has not logged onto a wireless connected laptop before... See this...

http://technet.microsoft.com/en-us/library/cc778073%28WS.10%29.aspx

(....To specify that client computers attempt authentication to the network if a user is not logged on, select the Authenticate as computer when computer information is available check box, and in Computer authentication, click an option to specify how the computer should attempt authentication. For information about each of the options that you can select for Computer authentication, see Notes.)


if you cannot see the wireless configuration section in the machine area of the GPO, you may need to register the DLLs (I think this what you were thinkig..)

From http://www.winserverkb.com/Uwe/Forum.aspx/windows-group-policy/4223/Wireless-Group-Policy-Option-Missing

That's not entirely true. Some background: Wireless policy editing was added
to Server 2003 and requires a 2003 AD schema to work. XP, Sp1 and above is
capable of *processing* wireless policy but you're correct to say that, by
default, if you open the GP editor on an XP box you won't see Wireless
policy even if you're focused on a 2003 AD-based GPO. However, I played
around with this a bit and it looks fairly easy to rectify that. Simply copy
the following two files from the system32 folder on a Server 2003 system to
your XP workstation's system32 folder:

wlsnp.dll
wlstore.dll

and then on the XP box, register the wireless MMC snap-in by issuing the
following command from the system32 directory:

regsvr32 wlsnp.dll

That should allow you to edit Wireless policy on your XP box. Let me know if
that doesn't work for you.


Hopefully that will sort you out. Been there and had this issue!


0
 

Author Closing Comment

by:srfergus
Comment Utility
Thanks!
0

Featured Post

Why do Marketing keep bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

Join & Write a Comment

Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now