Wireless and Windows Domain login?
Hi everyone. My current home wireless setup works pretty well right now: 54g AP, multiple 54g wireless cards, and a 54g gateway. All the PCs in the local network are currently configured for a workgroup. Soon I plan on adding a server and making it a Domain controller. My concern is this: my wireless adapters don't seem to be fully running until after Windows XP has started.
I'm going to assume that the following happens in a wireless PC configured for a domain situation: XP boots up to the login screen and the user logs in. but since the wireless connection isn't running yet the system uses cached credentials. The system then logs the user in, but the login script won't run either.
Are my assumptions correct? Also, does this cause any problems in relation to a Windows Active Directory environment? And lastly, is there any way for a wireless card to be active and connected by the time XP gets to the login screen?
Any assistance would be greatly appreciated. Thanks!
windows has to be logged in first.
The card may have connectivity to the radio on layer two...
but there will be no layer three until everything is in place.
Did you ever get this issue resolved? I am having the same problem. Once I log in locally and log off, I can log into the domain fine. If I try to logon a new user, or change passwords from the DC, it doesn't show up on the wireless machine until I've logged on and off a few times.
[subject goes here]
Yes you will login with cached credentials.
Run your scripts manually.
After the scripts run your network drives/printers will be mapped
In my enviroment I have only experienced this problem with Centrino based wi-fi clients. So I can't speak for other hardware.
But I have all my users run their scripts manually if they log onto the domain using Wi-fi. After running the scripts manually Exchange syncronizes and everything is mapped. So I would have to say there's no problem with regards to the AD.
How do you deal with new users then? Since you are logging on with cached credentials, do you just have another user log in and then out, and then have the new user log in? It would have to be the same thing for password changes if they weren't initialized from the user, but via admin resets.
Windoes can connect wirelessly before login screen?
At work we have this same issue with Windoes Server 2003 and XP PRO users. Users trying to login to a new machine can't get in b/c the wireless doesn't connect until after the user is in.
Wire in solution:
If the computer can reach a wired connection then the user can login with connectivity to the domain.
Admin is on-hand wireless solution:
1) admin login
2) admin gives the user admin privelages to that machine temporarily
3) admin verifies the connection to the Wireless
4) lock the computer
5) user logout the admin by typing in the user's credentials and clicking yes to close and lose all work
6) user's credentials are cached to the machine by this process
7) admin login and remove admin privelage for user
8) user login to use the machine and network resources
The best solution to be posted below: where you connect wirelessly at all times the network is range without being logged in.
It might be as simple as applying this policy setting. I am referring to the one that forces the computer to wait till the network is up.
CWNA, CWSP, K0PBX
That policy merely waits for a connection. It does not provide a pre-login wireless connection.
Maybe so, but it corrects the problem that has been addressed. I guess I do not see what the difference is either in your comments, waiting is exactly what you want the login to do.
CWNA, CWSP, K0PBX
Originally Posted by M/Q
I had the same problem. What worked for me was setting the wait for network setting in group policy as mentioned above by M/Q and then setting a wireless profile into the group policy.
To set a wireless profile in group policy navigate to Computer Configuration>Windows Settings>Security Settings>Wireless Network (IEEE802.11) Policies
Then right click the blank space on the right and create a new wireless profile. This will add the wireless profile to all accounts on every computer affected by that policy, a global wireless policy so to speak. When this is done my wireless clients seem to make a network connection prior to logon. I am even able to connect via VNC to a client that has just had a fresh reboot and has not yet been logged on.
Hope that helps.
Great idea, thanks for letting us know about that. I never had a problem that the policy setting I mentioned did not fix. But, just in case I will store this tidbit away to be sure.
CWNA, CWSP, K0PBX
I was having this same issue. Joining a laptop wirelessly to a windows domain and using roaming profiles..
The wireless network card WASN"T internal, it was a USB linksys wireless n device. Linksys's software takes over the Windows Wireless Network control panel and uses their software.. This was the problem. The linksys wireless connection software doesn't connect until the PC is logged into a user name. How can you authenticate if you're not yet connected?
How i fixed it:
1. I first confirmed the laptop could join the domain while wired, i did this, let it download the profile initially. (i had to give the username full rights to the C drive for this to work) it was giving an error while syncing the profile - it said it didn't have access.
2. While connected through a wired connection, i disabled linksys's wireless control panel and told it to use the windows wireless networking. To do this with linksys, you right click on the "wireless Internet connection" icon on the system tray and select "Use Windows Wireless Networking". Linksys asks if your sure you want to do this, hit OK. Windows takes over that function.
It will now let you authenticate without already being logged into a user name.
I hope this helps, as this was a major pain in my ass. Hopefully i'll help someone else down the road.