Wireless Network Policies Extension Tools and Settings

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Wireless Network Policies Extension Tools and Settings

In this section

  • Wireless Network Policies Extension Tools

  • Wireless Network Policies Extension Registry Entries

  • Wireless Network Policies Extension Group Policy Settings

  • Related Information

This section contains references to tools associated with the Wireless Extension. This section also contains settings, Registry entries, and Network information associated with the Wireless extension.

Wireless Network Policies Extension Tools

The following tools are associated with Wireless Network Policies Extension.

Wlanmon.dll: Wireless Monitor

Category

Wlanmon.dll is a Microsoft Management Console (MMC) snap-in.

Version compatibility

Wlanmon.dll runs only on Windows Server 2003.

Wlanmon.dll is used to monitor Access Point information and Wireless Client information.

Wlsnp.dll: Wireless Group Policy Snap-In

Category

Wlsnp.dll is an MMC snap-in.

Version compatibility

Wlsnp.dll runs only on Windows Server 2003.

Wlsnp.dll is used to create and edit Wireless policy on Windows Server 2003 operating systems.

Wireless Network Policies Extension Registry Entries

The following registry entries are associated with Wireless Network Policies Extension.

The information here is provided as a reference for use in troubleshooting or verifying that the required settings are applied. You should not directly edit the registry unless there is no other alternative. Modifications to the registry are not validated by the registry editor or by Windows before they are applied, and as a result, incorrect values can be stored. This can result in unrecoverable errors in the system. When possible, use Group Policy or other Windows tools, such as Microsoft Management Console (MMC), to accomplish tasks rather than editing the registry directly. If you must edit the registry, use extreme caution.

GPExtensions\ {0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63} (Domain Controller and Target)

Registry path

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\

Version

The Registry settings in this section are for a domain controller running Windows Server 2003 and a target running Windows XP SP1 or later.

This key contains Wireless Group Policy extension information.

For more information about this registry entry, see the Registry Reference for Windows Server 2003.

GPExtensions\{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63} (Domain Controller and Target)

Registry path

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\

Version

The Registry settings in this section are for a domain controller running Windows Server 2003 and a target running Windows XP SP1 or later.

This key contains specific Wireless Group Policy extension information.

For more information about this registry entry, see the Registry Reference for Windows Server 2003.

Wireless (Domain Controller and Target)

Registry path

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\

Note that Windows in the Registry path is “windows” for Windows Server 2003 and “Windows” for Windows XP.

Version

The Registry settings in this section are for a domain controller running Windows Server 2003 and a target running Windows XP SP1 or later.

This registry key stores specific wireless Group Policy settings.

For more information about this registry entry, see the Registry Reference for Windows Server 2003.

Wireless Network Policies Extension Group Policy Settings

You can specify Administrative Templates Group Policy settings that modify wireless Group Policy. You can also modify settings in the Wireless Group Policy Properties dialog box. The following two tables summarize Administrative Template settings.

Computer Configuration\Administrative Templates\System\Group Policy

Group Policy Setting Description

Wireless Policy Processing

Options are:

  • Not Configured (default)

  • Enabled

  • Disabled

Computer Configuration\Administrative Templates\Network\Network Connections

Group Policy Setting Description

Prohibit use of Internet Connection Sharing on your Domain Name System (DNS) domain network

Options are:

  • Not Configured (default)

  • Enabled

  • Disabled

Prohibit use of Internet Connection Firewall on your DNS domain network

Options are:

  • Not Configured (default)

  • Enabled

  • Disabled

Prohibit installation and configuration of Network Bridge on your DNS domain network

Options are:

  • Not Configured (default)

  • Enabled

  • Disabled

IEEE 802.1x Certificate Authority for Machine Authentication

Options are:

  • Not Configured (default)

  • Enabled

  • Disabled

The remaining tables summarize settings from the various tabs on the Wireless Group Policy Properties dialog box.

General Tab

Option Description

Name

String of your choice

Description

String of your choice

Check for policy Changes every x minutes

180 is the default

Networks to access

Drop-down list box choices are:

  • Any available network (access point preferred) (default)

  • Access point (infrastructure) networks only

  • Computer-to-computer (ad hoc) networks only

Use Windows to configure wireless network settings for clients (check box)

Default is check box selected. Clearing the check box disables the option.

Automatically connect to non-preferred networks (check box)

Default is check box cleared. Selecting the check box enables the option.

Preferred Networks Tab

Option Description

Networks: (list)

The list, by default, is empty. Adding a network to the list enables the Move Up and Move Down buttons.

Add, Edit and Remove buttons

The Add and Edit button dialog boxes are the same.

Network Properties Tab

Option Description

Network Name (SSID)

String for network name.

Description

String for description

Wireless Network Key (WEP) (3 check boxes)

This network requires a key for the following:

  • Data encryption (WEP-enabled) (default is selected)

  • Network authentication (Shared mode) (default is cleared)

  • The key is provided automatically (default is selected)

This is a computer-to-computer (ad hoc) network; wireless access points are not used.

Default is check box cleared. Selecting the check box enables the option.

IEEE 802.1x Tab

Option Description

Enable network access control using IEEE 802.1x

Default is check box selected. Clearing the check box disables the option.

EAPOL-Start message

Drop-down list box choices are:

  • Do not transmit

  • Transmit (default)

  • Transmit per IEEE 802.1x

Parameters (seconds)

Text Box settings are:

  • Max start (default is 3)

  • Start period (default is 60)

  • Held period (default is 60)

  • Authentication period (default is 30)

EAP type

Drop-down list box choices are:

  • Smart Card or other certificate (default)

  • Protected EAP (PEAP)

Authenticate as guest when user or computer information is unavailable

Default is check box cleared. Selecting the check box enables the option.

Authenticate as computer when computer information is available

Default is check box selected. Clearing the check box disables the option.

Computer authentication

Drop-down list box choices are:

  • With user authentication

  • With user re-authentication (default)

  • Computer only

EAP type (Smart Card or other certificate) Settings Tab

Option Description

When connecting

Option button choices are:

  • Use my smart card

  • Use a certificate on this computer (default)

    • Use simple certificate selection (Recommended) [(check box) (default is selected)]

Validate server certificate (check box)

Default is check box selected. Clearing the check box disables the option.

Connect to these servers (check box)

Default is check box cleared and list box disabled. Selecting the check box enables the text box, in which you enter the servers.

Trusted Root Certificate Authorities (list box)

Default is none of the check boxes in the list are selected. Selecting the check box enables the option.

Use a different user name for the connection (check box)

Default is check box is cleared. Selecting the check box enables the option.

EAP type (Protected EAP (PEAP)) Settings Tab

Option Description

Validate server certificate (check box)

Default is check box selected. Clearing the check box disables the option.

Connect to these servers (check box)

Default is check box cleared and list box disabled. Selecting the check box enables the text box, in which you enter the servers.

Trusted Root Certificate Authorities (list box)

Default is none of the check boxes in the list are selected. Selecting the check box enables the option.

Select Authentication Method

Drop-down list box options are:

  • Secured password (EAP-MSCHAP v2) [(default)]

  • Smart Card or other certificate

Enable Fast Reconnect (check box)

Default is check box cleared. Selecting the check box enables the option.

Select Authentication Method (Secured Password (EAP-MSCHAP v2)) Properties Tab

Option Description

When connecting: (check box)

Automatically use my Windows logon name and password (and domain if any) [(default is check box is selected)]

Select Authentication Method (Smart Card or other certificate) Properties Tab

Option Description

When connecting

Option button choices are:

  • Use my smart card

  • Use a certificate on this computer (default)

    • Use simple certificate selection (Recommended) [(check box) (default is selected)]

Validate server certificate (check box)

Default is check box selected. Clearing the check box disables the option.

Connect to these servers (check box)

Default is check box cleared and list box disabled. Selecting the check box enables the text box, in which you enter the servers.

Trusted Root Certificate Authorities (list box)

Default is none of the check boxes in the list are selected. Selecting the check box enables the option.

Use a different user name for the connection (check box)

Default is check box cleared. Selecting the check box enables the option.

For more information about Group Policy settings, see the Group Policy Settings Reference for Windows Server 2003.

The following resources contain additional information that is relevant to this section.