Export (0) Print
Expand All

Configure Wireless Authentication for NAP in Group Policy

Updated: February 29, 2012

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

Windows Server® 2008, Windows Vista®, Windows Server 2008 R2, and Windows 7 include enhancements like an extended Active Directory schema to support 802.1X authenticating switches for 802.3 wired Ethernet connections. For more information, see Active Directory Schema Extensions for Windows Vista Wireless and Wired Group Policy Enhancements at http://go.microsoft.com/fwlink/?LinkID=167840.

Membership in the local Domain Admins group, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (http://go.microsoft.com/fwlink/?LinkId=83477).

Use the following procedure to deploy wired authentication settings to NAP client computers for use with NAP and 802.1X enforcement.

  1. On a domain controller or member server with the Group Policy Management feature installed, click Start, click Run, type gpmc.msc, and then press ENTER.

  2. In the Group Policy Management console tree, open Group Policy Objects, right-click the name of the GPO you want to edit, and then click Edit. The Group Policy Management Editor opens.

  3. In the Group Policy Management Editor tree, open Computer Configuration\Policies\Windows Settings\Security Settings\Wireless Network (IEEE 802.11) Policies.

  4. Right-click Wireless Network (IEEE 802.11) Policies.

    • If the policy applies to computers running Windows XP SP3, click Create a New Windows XP Policy. For detailed instructions, see Configure 802.1X Wireless Clients Running Windows XP with Group Policy (http://go.microsoft.com/fwlink/?LinkId=134784).

    • If the policy applies to computers running Windows Vista, click Create a New Windows Vista Policy. For detailed instructions, see Configure 802.1X Wireless Clients Running Windows Vista with Group Policy (http://go.microsoft.com/fwlink/?LinkId=134785).

  5. Both of these profiles require that you configure properties on the Protected EAP Properties dialog box. To enable NAP, clear the Enable Fast Reconnect check box, and select the check box next to Enable Quarantine checks. See the following example.

    b3c91221-fa84-403d-8474-f737a929cd89

See Also

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft