No announcement yet.

Wireless before XP login

  • Filter
  • Time
  • Show
Clear All
new posts

  • Wireless before XP login


    i have a wireless network (Cert authentication)
    i would like to connect my thinclient to the wireless before the user will connect to the domain (the TC is in the domain) .
    our users get the profile from the network
    i saw this articel

    but its only for win7

    please assist


  • #2
    Re: Wireless before XP login

    Do you have Radius, and are these XP Client Terminals?

    You could try this. (Test to 1 TC first)

    - Create a security group in AD named (for example)'Wireless Group'
    - Add a test TC to the security group.
    - Setup a policy on your RRAS/IAS box to allow users to connect when their NAS-Port-Type matches "Wireless - Other OR Wireless - IEEE 802.11" & Windows-Groups matches "domain\wireless group".
    - Create a GPO named called Wireless Policy. Edit the policy and drill down to "Computer Configuration" "Windows Settings" > "Security Settings" > "Wireless Networking". Create a new Policy within and set the following..

    Name - Radius Wireless Policy
    Description - (Whatever you prefer)
    Check for policy changes every - 180 Mins
    Networks to access - Access point (infrastructure) networks only
    Use Windows to configure wireless network settings for clients - Ticked

    - On 'Preferred Networks' tab add the SSID and security settings as to what you setup on the Access Point.
    On the IEEE 802.1x tab ensure you have the following set.

    Enable network access control using IEEE 802.1x - Tick
    EAPOL-Start Message - Transmit per IEEE 802.1x
    EAP Type - Protected EAP (PEAP)

    In PEAP settings check that 'Validate server certificate" is ticked
    Validate that 'Authentication Method' is set to 'Secured password EAP-MSCHAP v2' & 'Enable Fast Reconnect'.

    - Return to the IEEE 802.1x tab.

    Ensure 'Authenticate as computer when computer information is available' has been ticked
    Check that Computer authentication is configured for 'Computer only'.

    Close GPO.

    Chuck a test TC onto the network, and do a GPUPDATE /force from the terminal if possible (Sounded like they have full XP on it?). Reboot and test

    Found an article here too which might help if you have a small amount of TC's to manage, and prefer to do it manual.