Why not WAP-PSK?

I am planning on implementing a wireless network for my users on our
internal AD domain. (W2K3 native)

It is my understanding that W2K3 sp1 includes some GPOs that would allow an
automated passing around of a WPA PSK.

If this is true, why would I want to delve into a radius/IAS setup? We are
fairly small.

Is there something wrong with using a WPA PSK?

Thanks,
Bob

Bob Williamson

To quote the WPA spec:

"The user of pre-shared key is recommended for home use only. When the
PSK is used as the PMK, impersonation between stations or a station
impersonating an AP is possible."

Bottom line is that WPA-PSK is a compromise (better than WEP however)
for users without the benefit of a RADIUS server implemtation. That
would be most home and SOHO users.

OK?

jwh20

Yep, thanks you for your reply. In case your curious, we will only be using
wireless for presentations, occasional roaming etc. At MOST 3-4 people at a
time, at least initially.

Assuming I can automate the passing out of a PSK via GPO (beginning with
W2K SP1) I think I will go that route. Handing out a PSK manually (on a
sticky note or via email for example) would be way to big of a compromise,
but via GPO...well I feel comfortable with that.

Eventually I suppose I will have to look forward to Radius/IAS, but hey, I
am a one person IT dept......

Thanks,
Bob

"jwh20" <> wrote in message
news: oups.com...
> To quote the WPA spec:
>
> "The user of pre-shared key is recommended for home use only. When the
> PSK is used as the PMK, impersonation between stations or a station
> impersonating an AP is possible."
>
> Bottom line is that WPA-PSK is a compromise (better than WEP however)
> for users without the benefit of a RADIUS server implemtation. That
> would be most home and SOHO users.
>
> OK?
>

Bob Williamson