okay, finally got this to work and half-way understand the details. quick
notes.
Used PEAP with MSChap v2. This allows the WLAN connection to occur prior to
user authentication in order for the Group Policy script to fire.
Get an Server SSL Certificate like you would for a https:// web site. Get
it signed by a CA. We used Godaddy.com. Import into the IAS server's
certificate store.
On IAS, Remote Access Policy, Edit Profile, Authentication, EAP Methods,
PEAP, select your the certificate.
On XP or Vista client, in WirelessLAN properties, choose to Validate Server
certificate and choose your Trusted Root Certificate Authority.
On further note: On the Trapeze wireless LAN controller, had to tell it to
look to the RADIUS server for certificate instead of using its own self
generated one.
Those are sloppy notes, but hopefully will be enough to help others with
similar problem. regards, Russell
"Russell" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Installing new Trapeze wireless LAN using 802.1x user authentication.
> Using IAS on Win2003 R2 Domain Controller for user authentication.
> Connection to the WLAN is successful on both WinXP and Vista.
>
> Problem: Our Windows logon scripts (neither Computer or User) for drive
> mapping and printer setup in Group Policy don't execute. For complete
> disclosure, they never work on Vista, but sometimes work on WinXP.
>
> I'm guessing that the point in time where the scripts should fire is prior
> to the 802.1x WLAN authentication process, but there has got to be a
> solution. Any advice appreciated.
>
> thanks, Russell
>
|
Similar Threads
Linear Mode
