
GROUP POLICY COMPUTER SETTINGS NOT APPLIED DURING WIRELESS LOGON

Author
30 Nov 2006 4:45 PM
p.squance
I have a Windows Server 2003 Domain in which I have implemented
wireless networking which is secured with WPA and 802.1X certificate
authentication of computers and users, as per Microsoft best practice.

So long as wireless configuration is manually configured, networking
and logons work fine. However, when group policy has been used to
deliver wireless configuration to the client, wireless settings are lost
after three logons.

It transpires that when the logon is processed wirelessly, the computer
settings of policies are not applied; policies are filtered from the
RSOP stating 'Denied (Security)'. The computer is obviously not known
at the time of processing since the SECURITY GROUP membership listing
in GPRESULT indicates a NULL SID and does not list the groups to which
the computer belongs.

If a wired connection is used to log on, all policies are applied
correctly and group memberships are correctly identified.

Authenticated users have read and apply rights to the policies. In
desperation I have added the domain workstations to the ACL for test
policies.

The problem is obviously going to be overcome by ensuring the computer
is known prior to attempting to load the computer policies. Can anybody
advise how this might be achieved?

The following registry files are in place to try and overcome the
problem:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - GpNetworkStartTimeoutPolicyValue - set to 60
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System - GpNetworkStartTimeoutPolicyValue - set to 60

Author
6 Dec 2006 3:32 AM
MacAddict
I would check your default policy to make sure nothing strange is
there.

I had this working fine a couple of months ago.

Also, make sure that the default policy is set so that Windows waits
until the network connections are ready before logging in (I forget
what the setting is called).



On Nov 30, 11:45 am, p.squa***@alexsys.co.uk wrote:
> I have a Windows Server 2003 Domain in which I have implemented
> wireless networking which is secured with WPA and 802.1X certificate
> authentication of computers and users, as per Microsoft best practice.
>
> So long as wireless configuration is manually configured, networking
> and logons work fine. However, when group policy has been used to
> deliver wireless configuration to the client, wireless settings are lost
> after three logons.
>
> It transpires that when the logon is processed wirelessly, the computer
> settings of policies are not applied; policies are filtered from the
> RSOP stating 'Denied (Security)'. The computer is obviously not known
> at the time of processing since the SECURITY GROUP membership listing
> in GPRESULT indicates a NULL SID and does not list the groups to which
> the computer belongs.
>
> If a wired connection is used to log on, all policies are applied
> correctly and group memberships are correctly identified.
>
> Authenticated users have read and apply rights to the policies. In
> desperation I have added the domain workstations to the ACL for test
> policies.
>
> The problem is obviously going to be overcome by ensuring the computer
> is known prior to attempting to load the computer policies. Can anybody
> advise how this might be achieved?
>
> The following registry files are in place to try and overcome the
> problem:
>
> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - GpNetworkStartTimeoutPolicyValue - set to 60
> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System - GpNetworkStartTimeoutPolicyValue - set to 60