Re: Wireless Security

Why do you even need Certs?

Just use one of the variations of WPA and forget it. All you need to do is
secure the Wireless Radio Signal and that will do that.

I don't know what you mean by an "Enterprise Server".

User logging into the machines (failing, succeeding, whatever) has nothing
to do with "wireless". The wireless does nothing more than replace the
physical cables with a radio signal so the radio signal should have nothing
more to do with the users than a physical patch cable would have anything to
do with the users. Yes, I am aware that there are many things involving
wirless that get into Certs, user Certs, user authentication/identification,
etc,...but I just think that this needlessly over complicates things with
respect to all you really need.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------


"Myrt Webb" <myrtwebb@xxxxxxxxxxxxxx> wrote in message
news:%23p1OHa75IHA.300@xxxxxxxxxxxxxxxxxxxxxxx
We have a Win2003 domain. We have just added 8 laptops on carts that
connect to the domain using a wireless connection. The connection is
secured using EAP-TLS and user certificates.

We have two issues:
1. With a lot of users we have a requirement to install a lot of user
certificates on each laptop. There are no computer certificates installed.

2. I am having trouble administering these laptops. I have to install new
apps manually using an ethernet cable because they will not install using
group policy. My startup scripts will not run.

Question:

Is there an easier way to use EAP-TLS than just with users certificates?
Or an easier way to use certificates that does not make us install 40
certificates on each laptop?

BTW we do not have a Win2003 Enterprise server.





.

Relevant Pages

  • Re: How to install a new Enterprise Root Certificate Authority to replace an old one?
    ... I have now installed the new CA and deployed most of the new certificates. ... > The biggest issue will be the need to redeploy all certs. ... > CRL will no longer be available. ... Install a new Enterprise Root CA on the new DC. ...
    (microsoft.public.windows.server.security)
  • Re: ActiveSynch doesnt work w/ Windows Mobile 6.x
    ... Did you install any root certificates allow with the client certificates? ... These are required as a set when you create your own certs or use some certificate authorities. ...
    (microsoft.public.pocketpc.activesync)
  • Re: PKI Certificate Server Install in AD Empty Root Domain
    ... >> We are installing an Enterprise CA in our Active Directory 2003 Forest. ... >> If I install the CA in the forest root, will the certificates and auto ... can I use this CA to issue certs in another Forest? ...
    (microsoft.public.windows.server.security)
  • Re: Wireless network problem after upgrade to 8.04
    ... you might have some old settings running that are causing trouble. ... That wouldn't surprise me but the install told me that it was ... The LED light for the wireless device DOES NOT turn on, ... a pid file /var/run/dhclient.wlan0.pid with pid 9263 ...
    (Ubuntu)
  • Re: Wireless interface stopped working in Etch
    ... The same driver, built in the same way, will not ... systems is that the name allocated to the wireless interface is ... On the fresh install, the interface's name has been changed from wlan0 ...
    (Debian-User)