Daniel Petri is a world-known IT professional, technical trainer and creator of one of the world’s largest IT knowledge bases – www.petri.com. Daniel consults to leading global Fortune 1000 companies in Microsoft IT Infrastructure and Engineering strategies.

For his contribution to the IT Pro community Daniel has received the Microsoft Most Valuable Professional (MVP) award for the 14th time. Daniel’s professional certifications include Microsoft Certified Technology Specialist, Microsoft Certified Systems Engineer, Microsoft Certified System Administrator and Microsoft Certified Trainer.

While working for Microsoft, Daniel serves as a Senior Premier Field Engineer (PFE) specializing in Windows Server OS and Active Directory.
Daniel now works for ObserveIT, makers of the Insider Threat Detection software, where he holds the role of Senior Solutions Architect, where he manages large deployment projects and partner and customer training programs.

In his spare time, Daniel rides a 1200cc 2015 model Ducati Multistrada 1200S bike and manages the Israeli Bikers forum.

You can contact Daniel at daniel-at-petri-dot-co-dot-il.

Working with Wireless GPO Settings from XP SP2

I found this nice blog by Darren Mar-Elia regarding an issue with editing wireless GPO settings from a Windows XP SP2 machine. I thought it was interesting enough to share, so here is my interpretation of it.

If you may recall, Windows Server 2003 has added quite a few good GPO settings, some of which only work on Windows XP and above, and some require XP SP2 and above. One of the nicest security settings is the ability to create a wireless settings GPO that will require your client computers to connect only to a predefined set of wireless networks, and to require various security settings such as the type of wireless network access, level of encryption, method of authentication and more.

When creating and editing these wireless GPO settings you need to first have a Windows Server 2003 Domain. This is because of various additions to the AD Schema that the first Windows Server 2003 DC introduces (read Windows 2003 ADPrep). It uses the msieee80211-Policy class that was added in the 2003 AD schema to store the policy settings.

After you have a Windows Server 2003 Domain in place, you will need to create a new GPO or edit an existing GPO and add the wireless settings to it. Read Creating Wireless GPO Setting for more info.

Editing this new GPO from one of your Windows Server 2003 DCs is fine, but some of you might want to perform the editing and management of the Wireless GPO settings from a Windows XP workstation that you’re using as your management station. This is where this article comes in handy.

When trying to edit these settings from a Windows XP workstation you’ll find that the WiFi GPO settings are not accessible, as you can see from the following screenshots:


(Editing a Wireless GPO from Windows XP Pro)

(No Wireless settings node in the GPO)

So, in order to get the Wireless GPO settings on a Windows XP Pro workstation you need to perform the following steps:

  1. Copy the following files from the %systemroot%\system32 folder on an Windows Server 2003 server to the %systemroot%\system32 folder on your Windows XP workstation:
  • wlsnp.dll
  • wlstore.dll
  • ws03res.dll

Lamer note: %systemroot%\system32 means the system32 folder found in your Windows folder, in your system partition, typically C:.

  1. Next, register wlsnp.dll, which is the actual MMC extension snap-in by running the following from a command line or from the Run menu:



Define Active Directory-based Wireless Network Policies

What Is Wireless Network Policies Extension?

Related Topics:

  • Networking

    Don't have a login but want to join the conversation? Sign up for a Petri Account