Solved

deploying wireless profile to XP for 802.1X....

Posted on 2011-09-23
9
402 Views
Last Modified: 2013-12-09
I was wondering what options there are out there for the 802.1X wireless network I have so that I can enter things like the certificate and SSID, etc. The ones I've seen have been:

GPO - couldn't get it to work with XP and install the profile so it did not connect with out work
Wireless Network setup wizard in XP to flash drive and then deploy with login script (this one seems okay but I haven't tested it out yet)

Does anyone have any other options for XP computers if you're trying to deploy it to a bunch of laptops?
0
Comment
Question by:willlandymore
9 Comments
 
LVL 17

Accepted Solution

by:
Tony Massa earned 500 total points
ID: 36592339
GPO does work with a PEAP client profiles.  You will just need to find out what the hang-up is.  We deployed a wireless GPO to hundreds and ran into all kinds of problems from the Dell Wireless utility managing the wireless connections (must be managed by windows, obviously), the wireless devices and IAS server had to be tweaked for days until we figured it out...but it is possible.

http://technet.microsoft.com/en-us/library/dd759264.asp

Here's a sample config
http://www.techrepublic.com/article/ultimate-wireless-security-guide-automatic-peap-deployment-with-microsoft-active-directory-gpo/6148576
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 36592358
GPO is the easiest way to do it - as tmassa99 said, turn off any 3rd party Wireless Management applications though.

I have done this for over 5000 clients across multiple sites and have never had any problems with the GPO applying.
0
 
LVL 22

Expert Comment

by:senad
ID: 36593734
export profile to flash drive - very easy and effective ...
0
 
LVL 1

Author Comment

by:willlandymore
ID: 36599343
Okay, I'll give the GPO a shot again and see if I can tweak that so it works properly. I did try the flash drive but some of the settings didn't make it across for some reason so it didn't really save me having to pop open the profile and then adjust it so it would work.

Thanks for the help guys. I'll let you know how it goes....
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 1

Author Comment

by:willlandymore
ID: 36599652
Okay, we have a 2008 domain so it's a little different but most of the instructions are the same. However, I have made a new 'XP policy' in Group Policy Management', then I changed the settings to use the certificate and 802.1X. I also have another policy that pushes out the server certificate.

I went into the mmc for certs and I can see the server certificate, but the policy to put the wireless network on the machine has not made it to the client. I have run a gpupdate /force but it still wont' get there. Dell utility is disabled and not starting up, Windows zero config is starting up and I even plugged the computer in with wired just in case....but I still can't get those settings. I'm using a domain login and everyting...
0
 
LVL 1

Author Comment

by:willlandymore
ID: 36599752
Okay, I ran 'gpresult' from the laptop and I can see:

"The following GPO's were not applied because they were filtered out - Wireless Policy"

Is that due to another GPO at a higher level that is filtering that out?
0
 
LVL 17

Expert Comment

by:Tony Massa
ID: 36599811
No, it means that the policy is no linked to the COMPUTER objects in AD.  

If your users and computers are in different OUs, then you should apply it to the computer container.  In the scope for the Wireless policy, make sure you have "Domain Comuputers", or "Authenticated Users", or if you're testing on the one computer, then put the computer object in the policy filter.
0
 
LVL 17

Expert Comment

by:Tony Massa
ID: 36599825
Where did you link the GPO, and where is the computer object in AD?

Also, it could be filtered if you have a "Block Inheritance" somewhere (which you shouldn't use).  If you are; however, make sure you use the "Enforced" option on the Wireless policy.
0
 
LVL 1

Author Comment

by:willlandymore
ID: 36599965
yeah, I figured that out with a bit more testing. :)

I applied it on the computer one and that fixed it up. Thanks for all the insight.

Now the 802.1X network was applied and it connected right away. I guess I would have to have the computer plugged in to start with to get the policy but after that it will work.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Sometimes people don't understand why download speed shows differently for Windows than Linux.Specially, this article covers and shows the solution for throughput difference for Windows than a Linux machine. For this, I arranged a test scenario.I…
Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now