WlanSetProfileEapXmlUserData Security Context Question

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: P Becker <P Becker@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 9 Dec 2008 08:17:02 -0800

I'm having trouble connecting WPA-enterprise APs using the NativeWifi API
under a Windows Service. I can create profiles and connect to APs generally,
and even WPA-enterprise when I use the windows logon. The real kicker is
that my code works fine in a user-mode app, but not in the service running
under SYSTEM. I cannot figure out what's going wrong, and I suspect it has
something to do with the Service's context being different. This app is
being developed in C# for Windows Vista.

Here's the xml used in WlanSetProfile to create the profile:

<?xml version="1.0" ?>
<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1";>
<name>SS1-WPAR</name>
<SSIDConfig>
<SSID>
<hex>some hex</hex>
<name>SSIDname</name>
</SSID>
<nonBroadcast>false</nonBroadcast>
</SSIDConfig>
<connectionType>ESS</connectionType>
<connectionMode>manual</connectionMode>
<MSM>
<security>
<authEncryption>
<authentication>WPA</authentication>
<encryption>TKIP</encryption>
<useOneX>true</useOneX>
</authEncryption>
<OneX xmlns="http://www.microsoft.com/networking/OneX/v1";>
<EAPConfig>
<EapHostConfig
xmlns="http://www.microsoft.com/provisioning/EapHostConfig";>
<EapMethod>
<Type
xmlns="http://www.microsoft.com/provisioning/EapCommon";>25</Type>
<VendorId
xmlns="http://www.microsoft.com/provisioning/EapCommon";>0</VendorId>
<VendorType
xmlns="http://www.microsoft.com/provisioning/EapCommon";>0</VendorType>
<AuthorId
xmlns="http://www.microsoft.com/provisioning/EapCommon";>0</AuthorId>
</EapMethod>
<Config
xmlns:baseEap="http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1";
xmlns:msPeap="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV1";
xmlns:msChapV2="http://www.microsoft.com/provisioning/MsChapV2ConnectionPropertiesV1";>
<baseEap:Eap>
<baseEap:Type>25</baseEap:Type>
<msPeap:EapType>
<msPeap:FastReconnect>true</msPeap:FastReconnect>
<msPeap:InnerEapOptional>0</msPeap:InnerEapOptional>
<baseEap:Eap>
<baseEap:Type>26</baseEap:Type>
<msChapV2:EapType>
<msChapV2:UseWinLogonCredentials>false</msChapV2:UseWinLogonCredentials>
</msChapV2:EapType>
</baseEap:Eap>
</msPeap:EapType>
</baseEap:Eap>
</Config>
</EapHostConfig>
</EAPConfig>
</OneX>
</security>
</MSM>
</WLANProfile>

Here's the xml used in WlanSetProfileEapXmlUserData after WlanSetProfile has
successfully been called (this call is the only difference between this and
other profiles. But it does work in the user-mode app.):

<?xml version="1.0" ?>
<EapHostUserCredentials
xmlns="http://www.microsoft.com/provisioning/EapHostUserCredentials";
xmlns:eapCommon="http://www.microsoft.com/provisioning/EapCommon";
xmlns:baseEap="http://www.microsoft.com/provisioning/BaseEapMethodUserCredentials";>
<EapMethod>
<eapCommon:Type>25</eapCommon:Type>
<eapCommon:AuthorId>0</eapCommon:AuthorId>
</EapMethod>
<Credentials
xmlns:eapUser="http://www.microsoft.com/provisioning/EapUserPropertiesV1";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:baseEap="http://www.microsoft.com/provisioning/BaseEapUserPropertiesV1";
xmlns:MsPeap="http://www.microsoft.com/provisioning/MsPeapUserPropertiesV1";
xmlns:MsChapV2="http://www.microsoft.com/provisioning/MsChapV2UserPropertiesV1";>
<baseEap:Eap>
<baseEap:Type>25</baseEap:Type>
<MsPeap:EapType>
<MsPeap:RoutingIdentity>username</MsPeap:RoutingIdentity>
<baseEap:Eap>
<baseEap:Type>26</baseEap:Type>
<MsChapV2:EapType>
<MsChapV2:Username>username</MsChapV2:Username>
<MsChapV2:Password>password</MsChapV2:Password>
<MsChapV2:LogonDomain>domain</MsChapV2:LogonDomain>
</MsChapV2:EapType>
</baseEap:Eap>
</MsPeap:EapType>
</baseEap:Eap>
</Credentials>
</EapHostUserCredentials>

Thanks for any help!
.

Follow-Ups:
- Re: WlanSetProfileEapXmlUserData Security Context Question
  - From: Pavel A.

Prev by Date: Re: Socket question
Next by Date: Re: WlanSetProfileEapXmlUserData Security Context Question
Previous by thread: Retrive local mac address
Next by thread: Re: WlanSetProfileEapXmlUserData Security Context Question
Index(es):
- Date
- Thread

Relevant Pages

RE: Installing WindowsService to system without Visual Studio Tool
... So, for my production machine, which is a Windows 2003 Server, it worked well. ... you've built a .NET windows service project and can ... What you need is an additional Setup project for your service projecct's ... project and use installer class for install. ...
(microsoft.public.vsnet.setup)
RE: Best way - W2k Domain to W2k3 Domain - Keep user profiles
... we recommend you do migration from Windows 2000 to SBS ... This is the best way to keep data including user profiles, ... Migrating from Small Business Server 2000 or Windows 2000 Server to Windows ... Microsoft CSS Online Newsgroup Support ...
(microsoft.public.windows.server.sbs)
Re: mobile profiles with Oracle Connector
... this error appears only in mobile profiles, ... I save something in My documents but dont save this in mi server (moble ... change from win2k dont appears in windows XP or profiles server. ... Oracle Connector to access to server. ...
(microsoft.public.windows.server.active_directory)
RE: Profilemigration Problem
... USMT and Files and Settings transfer wizard both can migrate user profiles ... but they do not support Windows NT 4.0. ...
(microsoft.public.windows.server.migration)
Re: Deleted files come back
... 819536 Roaming profiles are not saved when a user logs off a Microsoft ... Windows 2000-based computer or a Microsoft Windows XP-based computer ... TS has c: and D: drives. ...
(microsoft.public.windows.terminal_services)