Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Wireless Networking > Group Policy and PEAP

Thread Tools

Group Policy and PEAP

Kevin Lancaster
Posts: n/a
I quote from the "Microsoft Windows Small Business Server 2003
Administrators Companion" book:-

"Although PEAP provides great wireless security and is easier to implement
than EAP-TLS authentication, there are two significant drawbacks. The first
is that you won't be able to remotely administer wireless clients unless
someone's logged on. The second is that Group Policy Computer Configuration
won't work."

Based on my own experience of using PEAP based wireless networks, I would
disagree with both of the above statements.

1. When a computer on the network starts up, the computer account
authenticates. This is confirmed by the following;
i) An event appears in the event log stating that the computer account has
ii) I can access the computer via Computer Management from the server
iii) There is an option in the configuration that states to "Authenticate as
computer when computer information is available"
iv) When a user logs on, another event occurs stating the user has been
given access. When the user logs off, the computer again authenticates.
v) The computer account is denied access unless Dial-In access is granted
according to the Remote Access Policy.

2. I can only assume the statement about Group Policy Computer Configuration
not working is because of the first point that, according to the book, the
computer does not have network access until a user logs on. Thus, no access,
how can Group Policy be applied?

I am surprised to read this because without the computer obtaining network
access the whole process of domain access, DNS registration, roaming
profiles etc will not work unless network access is obtained prior to logon.

These statements are based on experience gained from using Cisco Aironet
Access Points, Windows 2003 Small Business Server, Both Verisign and
Microsoft Certificates and Windows XP Desktops using the WZC service.

Can anyone shed some light on this?


Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to uninstall Cisco PEAP supplicant to use XP default PEAP =?Utf-8?B?RGVsb24=?= Wireless Networking 0 05-25-2007 05:50 AM
Group policy with no group =?Utf-8?B?UGhvZW5peCBDeWNsaXN0?= Wireless Networking 1 03-15-2007 04:21 AM
PEAP Configuration Woes - PEAP configuration help jester Cisco 1 12-20-2005 02:04 PM
Default Domain Policy vs Default Domain Controller Policy Tyler Cobb MCSE 6 10-19-2005 09:36 PM
Default Domain Policy vs. Default Domain Controller Policy Tyler Cobb MCSA 1 10-09-2005 03:42 PM