802.1x settings in group policy

[Guest]

Archived from groups: microsoft.public.windows.networking.wireless,microsoft.public.windows.server.active_directory (More info?)

I have a system with Windows 2000 server DC (SP4, AD 2000 native mode) and
all XP pro sp2 workstations. I have one 2003 member server and two other
2000 member servers (sp4).

I need to roll out the 802.1x setting for a wireless network using IAS
radius server using Group Policy. Is there a way to make a Group Policy for
802.1x without upgrading my DC to 2003 or promoting my 2003 member server a
DC? How?

Does running 2003 Forestprep and Domprep bring my 2000 AD to a point where I
can install the GP tools on a XP workstation and create the policy?

Ken

 

[Guest]

Archived from groups: microsoft.public.windows.networking.wireless,microsoft.public.windows.server.active_directory (More info?)

> Does running 2003 Forestprep and Domprep bring my 2000 AD to a point where
> I can install the GP tools on a XP workstation and create the policy?

No it does not. However, with the administration tools and/ or the GPMC you
can edit GPOs from the 2003 and/ or XP machines which will automatically
update the .adm files on the PDCe (or DC that you are working on -by
default, this is the PDCe).

There's a bug with XP SP2 that you need to be aware of though:
-- http://support.microsoft.com/?id=842933


--
Paul Williams

http://www.msresource.net/
http://forums.msresource.net/

 

[Guest]

Archived from groups: microsoft.public.windows.networking.wireless,microsoft.public.windows.server.active_directory (More info?)

So do I have to upgrade my 2000 server DC to 2003 if I want to use 802.1x
group policy settings? If not then how?


"ptwilliams" <ptw2001@hotmail.com> wrote in message
news:ebukOcaOFHA.2356@TK2MSFTNGP14.phx.gbl...
>> Does running 2003 Forestprep and Domprep bring my 2000 AD to a point
>> where
>> I can install the GP tools on a XP workstation and create the policy?
>
> No it does not. However, with the administration tools and/ or the GPMC
> you
> can edit GPOs from the 2003 and/ or XP machines which will automatically
> update the .adm files on the PDCe (or DC that you are working on -by
> default, this is the PDCe).
>
> There's a bug with XP SP2 that you need to be aware of though:
> -- http://support.microsoft.com/?id=842933
>
>
> --
> Paul Williams
>
> http://www.msresource.net/
> http://forums.msresource.net/
>
>

 

[Guest]

Archived from groups: microsoft.public.windows.networking.wireless,microsoft.public.windows.server.active_directory (More info?)

No you don't need to update. You just need to configure the GPO from the
2003 and/ or an XP box.

Download and install the GPMC on an XP workstation or the 2003 member and
configure from there...


--
Paul Williams

http://www.msresource.net/
http://forums.msresource.net/

 

[Guest]

Archived from groups: microsoft.public.windows.networking.wireless,microsoft.public.windows.server.active_directory (More info?)

What if I dont have a 2003 server?


"ptwilliams" <ptw2001@hotmail.com> wrote in message
news:ey6YVkaOFHA.4052@TK2MSFTNGP12.phx.gbl...
> No you don't need to update. You just need to configure the GPO from the
> 2003 and/ or an XP box.
>
> Download and install the GPMC on an XP workstation or the 2003 member and
> configure from there...
>
>
> --
> Paul Williams
>
> http://www.msresource.net/
> http://forums.msresource.net/
>
>

 

[Guest]

Archived from groups: microsoft.public.windows.server.active_directory,microsoft.public.windows.networking.wireless (More info?)

In your first post you state that you have a Windows 2003 member server.

I also stated, in two consecutive posts, that you can use EITHER a Windows
2003 server OR a Windows XP machine.

If you don't have an XP machine or a 2003 server, then you can't do this
unless you copy the .adm files from somebody with these files.

I assumed that you had the necessary .adm files and were wondering how to go
about integrating them into your Windows 2000 environment?!?!

--
Paul Williams

http://www.msresource.net/
http://forums.msresource.net/

 

[Guest]

Archived from groups: microsoft.public.windows.server.active_directory,microsoft.public.windows.networking.wireless (More info?)

Sorry. (Your right I do have a 2003 server.) I guess my question should
have been do I need a 2003 domain controller. I was under the impression
that creating the GP required at least one 2003 DC because of Active
Directory requirements, and not just the need for the correct .adm files.

I am familiar with running the admin toots and/or GPMC on XP but I did not
realize this would work with my current AD from a 2000 DC. I thought it was
a AD limitation.

Ken


"ptwilliams" <ptw2001@hotmail.donotspam.com> wrote in message
news:F2348BFE-5AB1-48C4-A779-41E5A57B0DA9@microsoft.com...
> In your first post you state that you have a Windows 2003 member server.
>
> I also stated, in two consecutive posts, that you can use EITHER a Windows
> 2003 server OR a Windows XP machine.
>
> If you don't have an XP machine or a 2003 server, then you can't do this
> unless you copy the .adm files from somebody with these files.
>
> I assumed that you had the necessary .adm files and were wondering how to
> go
> about integrating them into your Windows 2000 environment?!?!
>
> --
> Paul Williams
>
> http://www.msresource.net/
> http://forums.msresource.net/
>

 

[Guest]

Archived from groups: microsoft.public.windows.server.active_directory,microsoft.public.windows.networking.wireless (More info?)

If you use new admin templates to edit a GPO these are copied to the server
(that you are editing the GPO on). There's no requirement for a 2003 domain
to use the 2003 admin templates. And even if there was, the stuff you
require is in XPs admin templates and that does work.

Just read the issue I posted earlier re. XP SP2.

--
Paul Williams

http://www.msresource.net/
http://forums.msresource.net/