Guest Randy Smith Posted May 28, 2008 Posted May 28, 2008 Hello, I have a private CA used for WLAN authentication. My network has the following: a.. There is an existing Wireless infrastructure with several access points. a.. A Windows PKI infrastructure is already in place. a.. The certificate Authority does not use standard templates. a.. XP Notebooks are already running on WEP, EAP-TLS for authentication to the Wireless network. a.. They enroll the certificates through Windows group policy. a.. Microsoft's IAS is used for the Radius authentication, and is connected to the AD with the user accounts. Along with our Windows XP and 2000 systems we have several Windows Mobile 5 barcode scanners. I'd like to get these devices using the 802.1x WLAN security. I understand that I will have to manually install the certificate using a third party installer. What are some examples of good third party installers for this step? I would like AD to use a machine or computer certificate to authenticate a barcode scanner. Is this possible? If I must use personal certificates and authenticate to AD via the RADIUS server what is the best way to setup the user accounts? Several users will be using the barcode scanners and I do not want to assign scanners to users...they will just grab one from a pool that is available. I do want to be able to track connections and network changes back to a particular device/user. What is a good way to accomplish this? If anyone has any documentation or web links that could help with any of these questions it would be a huge help. Thanks in advance! Randy Quote
Guest S. Pidgorny Posted May 30, 2008 Posted May 30, 2008 I used this one: http://www.jacco2.dds.nl/networking/p12imprt.html -- Svyatoslav Pidgorny, MS MVP - Security, MCSE -= F1 is the key =- http://sl.mvps.org http://msmvps.com/blogs/sp "Randy Smith" <smittyrt@gmail.com> wrote in message news:OFQ9UfNwIHA.4476@TK2MSFTNGP06.phx.gbl...<span style="color:blue"> > Hello, > > I have a private CA used for WLAN authentication. My network has the > following: > > a.. There is an existing Wireless infrastructure with several access > points. > a.. A Windows PKI infrastructure is already in place. > a.. The certificate Authority does not use standard templates. > a.. XP Notebooks are already running on WEP, EAP-TLS for authentication to > the Wireless network. > a.. They enroll the certificates through Windows group policy. > a.. Microsoft's IAS is used for the Radius authentication, and is > connected to the AD with the user accounts. > > Along with our Windows XP and 2000 systems we have several Windows Mobile > 5 barcode scanners. I'd like to get these devices using the 802.1x WLAN > security. I understand that I will have to manually install the > certificate using a third party installer. > > What are some examples of good third party installers for this step? > > I would like AD to use a machine or computer certificate to authenticate a > barcode scanner. Is this possible? > > If I must use personal certificates and authenticate to AD via the RADIUS > server what is the best way to setup the user accounts? Several users > will be using the barcode scanners and I do not want to assign scanners to > users...they will just grab one from a pool that is available. > > I do want to be able to track connections and network changes back to a > particular device/user. What is a good way to accomplish this? > > If anyone has any documentation or web links that could help with any of > these questions it would be a huge help. Thanks in advance! > > > Randy > </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.