+ Post New Thread
Results 1 to 11 of 11
Windows Server 2000/2003 Thread, WPA2 missing from policy in Technical; We run 2003 servers with sp2 and pcs with xp sp3. We have laptops which we want to use wpa2 ...
  1. #1

    Join Date
    Feb 2007
    Location
    Hereford
    Posts
    213
    Thank Post
    5
    Thanked 3 Times in 3 Posts
    Rep Power
    16

    WPA2 missing from policy

    We run 2003 servers with sp2 and pcs with xp sp3.
    We have laptops which we want to use wpa2 and control with a wireless policy.

    Why cant MS stop being so stubben about this and give us the update to allow server 2003 to control wpa2.

    They give you wep. but as we all know , you may aas well not bother!

    I dont see why i should have to update my dc to 2008 scehma just for that.

    I'm happy with 2003 at the moment.

    Does any one know a way round this or some 3rd party software that would do this.

    Come on microsoft!!!!!

  2. #2

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,304
    Thank Post
    242
    Thanked 1,588 Times in 1,265 Posts
    Rep Power
    344
    I believe you can do it by integrating an update into the 2003 schema.

  3. #3

    Join Date
    Feb 2007
    Location
    Hereford
    Posts
    213
    Thank Post
    5
    Thanked 3 Times in 3 Posts
    Rep Power
    16
    Quote Originally Posted by Michael View Post
    I believe you can do it by integrating an update into the 2003 schema.
    You need an 2008 AD server to update 2003 schema to 2008.

    We dont have any 2008 servers.

  4. #4

    Join Date
    Jul 2006
    Location
    London
    Posts
    2,963
    Thank Post
    160
    Thanked 153 Times in 117 Posts
    Rep Power
    50
    Quote Originally Posted by goodhead View Post
    You need an 2008 AD server to update 2003 schema to 2008.

    We dont have any 2008 servers.
    Nope, read the link. All you need is a Pc running Vista or 2008, or presumably Windows 7.

    Having said that, I dont think I'd rush to use that hack unless I was desperate!
    Even when we were able to use GPO for wireless, I didnt find it to that great. The profiles had a habit of dissapearing from time to time. Better to just set it up manually after imaging a laptop

  5. #5

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,304
    Thank Post
    242
    Thanked 1,588 Times in 1,265 Posts
    Rep Power
    344
    You need an 2008 AD server to update 2003 schema to 2008.
    That's not technically true. If you insert a 2008 disc into a 2003 Server, you can upgrade the schema from the command prompt. This'll upgrade it from 30 or 31 to 44 for example. At a later date you could then upgrade to 2008 Server.

  6. #6

    Join Date
    May 2008
    Location
    Norfolk
    Posts
    120
    Thank Post
    16
    Thanked 2 Times in 1 Post
    Rep Power
    14
    Would this have to be done on the DC ?

    Quote Originally Posted by Michael View Post
    That's not technically true. If you insert a 2008 disc into a 2003 Server, you can upgrade the schema from the command prompt. This'll upgrade it from 30 or 31 to 44 for example. At a later date you could then upgrade to 2008 Server.

  7. #7

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,270
    Thank Post
    884
    Thanked 2,747 Times in 2,321 Posts
    Blog Entries
    11
    Rep Power
    785
    Quote Originally Posted by mickeyh080 View Post
    Would this have to be done on the DC ?
    It is best to run this on the DC with the schema master role as it is much faster, if you are using a 2008 disk then you will need the one that matches the architecture of your current server, ie 32 or 64 bit. If you are using a 2008 R2 disk it includes both versions of AD Prep. If you can get a hold of a 2k8 R2 disk then you may as well push it up to R2, you don't need an r2 license to upgrade the schema and I know that 2003 will handle it just fine.
    Last edited by SYNACK; 14th May 2010 at 01:07 AM.

  8. Thanks to SYNACK from:

    mickeyh080 (14th May 2010)

  9. #8

    Join Date
    May 2008
    Location
    Norfolk
    Posts
    120
    Thank Post
    16
    Thanked 2 Times in 1 Post
    Rep Power
    14
    By updating the schema on the DC to 2008 will this enable the WPA2 setting in the GPO or would we still need to access the setting using a Win7/ Vista workstation. Seen various references stating that you would never see the WPA2 setting on a 2003 server unless your accessing via a 2008/Win7 console.

    If this is the case then as you suggested I will just run the GPO from a workstation for now until we upgrade the DC to 2008 this year.

    Quote Originally Posted by SYNACK View Post
    It is best to run this on the DC with the schema master role as it is much faster, if you are using a 2008 disk then you will need the one that matches the architecture of your current server, ie 32 or 64 bit. If you are using a 2008 R2 disk it includes both versions of AD Prep. If you can get a hold of a 2k8 R2 disk then you may as well push it up to R2, you don't need an r2 license to upgrade the schema and I know that 2003 will handle it just fine.

  10. #9

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,270
    Thank Post
    884
    Thanked 2,747 Times in 2,321 Posts
    Blog Entries
    11
    Rep Power
    785
    Quote Originally Posted by mickeyh080 View Post
    By updating the schema on the DC to 2008 will this enable the WPA2 setting in the GPO or would we still need to access the setting using a Win7/ Vista workstation. Seen various references stating that you would never see the WPA2 setting on a 2003 server unless your accessing via a 2008/Win7 console.
    That is correct, you would still need to run the console from a Vista/7 PC as the older versions of the console included in 2003 don't have the nessisary interface to configure this setting in the newly upgraded AD database behind the scenes. It will work fine managing it from a workstation as you intend to with the newer version of the console that can edit the right bits in the database.

  11. #10

    Join Date
    May 2008
    Location
    Norfolk
    Posts
    120
    Thank Post
    16
    Thanked 2 Times in 1 Post
    Rep Power
    14
    Loaded a laptop with Windows & professional and installed the 2008 Admin pak. Then joinded this to the domain and edited the wireless GPO and hey presto the WPA2 setting is applied. Tried this without altering the schema on the Dc and it worked fine. Laptops are now connecting using WPA2, only downside is the GPO is now greyed out in 2003 so cannot edit it without using the Win 7 machine.

    Thanks very much for the info, this fix will do nicely until we upgrade the servers.

    Quote Originally Posted by SYNACK View Post
    That is correct, you would still need to run the console from a Vista/7 PC as the older versions of the console included in 2003 don't have the nessisary interface to configure this setting in the newly upgraded AD database behind the scenes. It will work fine managing it from a workstation as you intend to with the newer version of the console that can edit the right bits in the database.

  12. #11

    Join Date
    Jan 2007
    Location
    Nottinghamshire
    Posts
    530
    Thank Post
    1
    Thanked 84 Times in 58 Posts
    Rep Power
    38
    Is this still only for 802.11x etc? Or does it let you send out pre shared keys?



SHARE:
+ Post New Thread

Similar Threads

  1. WPA2-PSK Group Policy on Server 2003
    By mattpant in forum Wireless Networks
    Replies: 4
    Last Post: 11th September 2009, 04:36 PM
  2. wpa2 gpo 2008 server dc
    By ful56_uk in forum Wireless Networks
    Replies: 1
    Last Post: 17th August 2009, 12:26 AM
  3. Local secrity Policy MMC missing
    By speckytecky in forum How do you do....it?
    Replies: 0
    Last Post: 19th December 2008, 11:59 AM
  4. Replies: 6
    Last Post: 29th November 2007, 12:35 PM
  5. WPA2
    By Ric_ in forum Wireless Networks
    Replies: 5
    Last Post: 19th October 2006, 06:27 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •