Logging to AD domain from wireless?

Hello,

I need to set up a wireless network that our users can log on to our Win2003
AD domain. Servers are naturally on a wired network.

How can I set this up so that when user connects to WLAN with his laptop he
will logon to our domain and get ip addresses, network shares, printes etc.
from login script? I have 3COM AP's supporting Radius. Is this the way to
go? These AP's doesn't have internal DHCP server so wireless clients would
need to obtain ip's from domain DHCP server in wired network

Thanks!

Hi William,

Yes, you can configure a certificate authority, an IAS server (Microsoft
implementation of radius) and dhcp on the server side. Aditionally, you must
configure your access point to authenticate users to this newly configured
IAS server (take care that shared secret and authentication protocols must
match with that configured on the server). In this way, you can authenticate
your wireless users by certificate (only the users that have a certificate
will be authenticated and get an ip address).

--
Have a nice day!
Masterplan - MCSE,MCITP-EA
http://winmasterplan.blogspot.com


"William Stokes" wrote:

> Hello,
>
> I need to set up a wireless network that our users can log on to our Win2003
> AD domain. Servers are naturally on a wired network.
>
> How can I set this up so that when user connects to WLAN with his laptop he
> will logon to our domain and get ip addresses, network shares, printes etc.
> from login script? I have 3COM AP's supporting Radius. Is this the way to
> go? These AP's doesn't have internal DHCP server so wireless clients would
> need to obtain ip's from domain DHCP server in wired network
>
> Thanks!
>
>
>

Ok. So I need to distribute this certificate to our wireless clients before
loggin in works?

Do you know any MS documentation about this? I'm new to RADIUS as a whole.

Thanks
W


"Masterplan" <(E-Mail Removed).> kirjoitti
viestissä:21274204-FB3D-437E-AC43-(E-Mail Removed)...
> Hi William,
>
> Yes, you can configure a certificate authority, an IAS server (Microsoft
> implementation of radius) and dhcp on the server side. Aditionally, you
> must
> configure your access point to authenticate users to this newly configured
> IAS server (take care that shared secret and authentication protocols must
> match with that configured on the server). In this way, you can
> authenticate
> your wireless users by certificate (only the users that have a certificate
> will be authenticated and get an ip address).
>
> --
> Have a nice day!
> Masterplan - MCSE,MCITP-EA
> http://winmasterplan.blogspot.com
>
>
> "William Stokes" wrote:
>
>> Hello,
>>
>> I need to set up a wireless network that our users can log on to our
>> Win2003
>> AD domain. Servers are naturally on a wired network.
>>
>> How can I set this up so that when user connects to WLAN with his laptop
>> he
>> will logon to our domain and get ip addresses, network shares, printes
>> etc.
>> from login script? I have 3COM AP's supporting Radius. Is this the way to
>> go? These AP's doesn't have internal DHCP server so wireless clients
>> would
>> need to obtain ip's from domain DHCP server in wired network
>>
>> Thanks!
>>
>>
>>

Hi William,

Yes, you can do automatic certificate enrollement by group policy.
The configuration is complex. Here is a link about how to setup IAS (but
beside this if you want to authenticate users by certificate, you need to
have a certificate authority installed in your domain):
http://technet.microsoft.com/en-us/l.../cc779009.aspx
Also, you have to properly configure your 3COM ap's by using the
documentation on their site.

--
Have a nice day!
Masterplan - MCSE,MCITP-EA
http://winmasterplan.blogspot.com


"William Stokes" wrote:

> Ok. So I need to distribute this certificate to our wireless clients before
> loggin in works?
>
> Do you know any MS documentation about this? I'm new to RADIUS as a whole.
>
> Thanks
> W
>
>
> "Masterplan" <(E-Mail Removed).> kirjoitti
> viestissä:21274204-FB3D-437E-AC43-(E-Mail Removed)...
> > Hi William,
> >
> > Yes, you can configure a certificate authority, an IAS server (Microsoft
> > implementation of radius) and dhcp on the server side. Aditionally, you
> > must
> > configure your access point to authenticate users to this newly configured
> > IAS server (take care that shared secret and authentication protocols must
> > match with that configured on the server). In this way, you can
> > authenticate
> > your wireless users by certificate (only the users that have a certificate
> > will be authenticated and get an ip address).
> >
> > --
> > Have a nice day!
> > Masterplan - MCSE,MCITP-EA
> > http://winmasterplan.blogspot.com
> >
> >
> > "William Stokes" wrote:
> >
> >> Hello,
> >>
> >> I need to set up a wireless network that our users can log on to our
> >> Win2003
> >> AD domain. Servers are naturally on a wired network.
> >>
> >> How can I set this up so that when user connects to WLAN with his laptop
> >> he
> >> will logon to our domain and get ip addresses, network shares, printes
> >> etc.
> >> from login script? I have 3COM AP's supporting Radius. Is this the way to
> >> go? These AP's doesn't have internal DHCP server so wireless clients
> >> would
> >> need to obtain ip's from domain DHCP server in wired network
> >>
> >> Thanks!
> >>
> >>
> >>
>
>
>

Ok. Thanks for these.

BTW. 3Com's documentation about their AP's are not that great but what can
you do ;-)

W

"Masterplan" <(E-Mail Removed).> kirjoitti
viestissä:E31E4474-EAF3-4C8F-A9FA-(E-Mail Removed)...
> Hi William,
>
> Yes, you can do automatic certificate enrollement by group policy.
> The configuration is complex. Here is a link about how to setup IAS (but
> beside this if you want to authenticate users by certificate, you need to
> have a certificate authority installed in your domain):
> http://technet.microsoft.com/en-us/l.../cc779009.aspx
> Also, you have to properly configure your 3COM ap's by using the
> documentation on their site.
>
> --
> Have a nice day!
> Masterplan - MCSE,MCITP-EA
> http://winmasterplan.blogspot.com
>
>
> "William Stokes" wrote:
>
>> Ok. So I need to distribute this certificate to our wireless clients
>> before
>> loggin in works?
>>
>> Do you know any MS documentation about this? I'm new to RADIUS as a
>> whole.
>>
>> Thanks
>> W
>>
>>
>> "Masterplan" <(E-Mail Removed).> kirjoitti
>> viestissä:21274204-FB3D-437E-AC43-(E-Mail Removed)...
>> > Hi William,
>> >
>> > Yes, you can configure a certificate authority, an IAS server
>> > (Microsoft
>> > implementation of radius) and dhcp on the server side. Aditionally, you
>> > must
>> > configure your access point to authenticate users to this newly
>> > configured
>> > IAS server (take care that shared secret and authentication protocols
>> > must
>> > match with that configured on the server). In this way, you can
>> > authenticate
>> > your wireless users by certificate (only the users that have a
>> > certificate
>> > will be authenticated and get an ip address).
>> >
>> > --
>> > Have a nice day!
>> > Masterplan - MCSE,MCITP-EA
>> > http://winmasterplan.blogspot.com
>> >
>> >
>> > "William Stokes" wrote:
>> >
>> >> Hello,
>> >>
>> >> I need to set up a wireless network that our users can log on to our
>> >> Win2003
>> >> AD domain. Servers are naturally on a wired network.
>> >>
>> >> How can I set this up so that when user connects to WLAN with his
>> >> laptop
>> >> he
>> >> will logon to our domain and get ip addresses, network shares, printes
>> >> etc.
>> >> from login script? I have 3COM AP's supporting Radius. Is this the way
>> >> to
>> >> go? These AP's doesn't have internal DHCP server so wireless clients
>> >> would
>> >> need to obtain ip's from domain DHCP server in wired network
>> >>
>> >> Thanks!
>> >>
>> >>
>> >>
>>
>>
>>