Windows Scripts won't run consistently when using 802.1x user authentication on WLAN

Installing new Trapeze wireless LAN using 802.1x user authentication. Using
IAS on Win2003 R2 Domain Controller for user authentication. Connection to
the WLAN is successful on both WinXP and Vista.

Problem: Our Windows logon scripts (neither Computer or User) for drive
mapping and printer setup in Group Policy don't execute. For complete
disclosure, they never work on Vista, but sometimes work on WinXP.

I'm guessing that the point in time where the scripts should fire is prior
to the 802.1x WLAN authentication process, but there has got to be a
solution. Any advice appreciated.

thanks, Russell

 

okay, finally got this to work and half-way understand the details. quick
notes.

Used PEAP with MSChap v2. This allows the WLAN connection to occur prior to
user authentication in order for the Group Policy script to fire.

Get an Server SSL Certificate like you would for a https:// web site. Get
it signed by a CA. We used Godaddy.com. Import into the IAS server's
certificate store.

On IAS, Remote Access Policy, Edit Profile, Authentication, EAP Methods,
PEAP, select your the certificate.

On XP or Vista client, in WirelessLAN properties, choose to Validate Server
certificate and choose your Trusted Root Certificate Authority.

On further note: On the Trapeze wireless LAN controller, had to tell it to
look to the RADIUS server for certificate instead of using its own self
generated one.

Those are sloppy notes, but hopefully will be enough to help others with
similar problem. regards, Russell