Is there a way using GP to hide the network key in the wireless network properties as ticking show characters reveals the key in plain text. I know only admins can see this but I prefer the way XP did it!
I know this isn't a direct answer to your question, but if you used a WPA enterprise style setup, you can get authentication based on computer certificates, and therefore no need for keys
It's supposed to be the most secure method for wireless networking. I can provide more info if necessary.
You mean install a radius server?
Right thanks. This school is moving to Server 2008 soon so will have to take a look at that.
1. A certificate server on the domain dishing out certificates to all domain computers (well at least the ones you want to use the wireless policy)
2. IAS installed on a domain controller
3. Wireless Access points that support WPA Enterprise (most do now)
1. You need to create a wireless access policy. Mine is based on the group 'Domain Computers'. This allows all computers that are a member of that group access. In that policy setting you will see PEAP options where you select your cerificate server
2. You need to add a RADIUS Client (the access point) and configure a shared secret
On the Access Point:
1. Configure WPA Enterprise security.. The only settings are, RADUIS Server IP, and the shared secret.
Then either through a GPO or directly on the computers configre the wireless profile for that SSID, selecting WPA (or WPA2), but there's an option to choose PEAP authentication. Check the local certificate by running the 'Certificates' mmc snap in and selecting local computer. The certificate should be the one issued by the same server selected in the IAS wireless policy.
That's pretty much it. The logs on the server running IAS will help you troubleshoot if you get any issues. Feel free to give me a shout and I will send you screen shots of all my config.
Last edited by prad; 24th May 2010 at 02:32 PM. Reason: spelling error
In Server 2008, they have renamed IAS to Network Protection Server, and it is very Wizardy..
I've been fiddling with it, as I want to move from our current IAS servers on Windows 2003, to Server 2008. Not got very far with it, but it all seems to work the same.
There are currently 1 users browsing this thread. (0 members and 1 guests)