Working with Wireless GPO Settings from XP SP2
I found this nice blog by Darren Mar-Elia regarding an issue with editing wireless GPO settings from a Windows XP SP2 machine. I thought it was interesting enough to share, so here is my interpretation of it.
If you may recall, Windows Server 2003 has added quite a few good GPO settings, some of which only work on Windows XP and above, and some require XP SP2 and above. One of the nicest security settings is the ability to create a wireless settings GPO that will require your client computers to connect only to a predefined set of wireless networks, and to require various security settings such as the type of wireless network access, level of encryption, method of authentication and more.
When creating and editing these wireless GPO settings you need to first have a Windows Server 2003 Domain. This is because of various additions to the AD Schema that the first Windows Server 2003 DC introduces (read Windows 2003 ADPrep). It uses the msieee80211-Policy class that was added in the 2003 AD schema to store the policy settings.
Say Goodbye to Traditional PC Lifecycle Management
Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.
After you have a Windows Server 2003 Domain in place, you will need to create a new GPO or edit an existing GPO and add the wireless settings to it. Read Creating Wireless GPO Setting for more info.
Editing this new GPO from one of your Windows Server 2003 DCs is fine, but some of you might want to perform the editing and management of the Wireless GPO settings from a Windows XP workstation that you’re using as your management station. This is where this article comes in handy.
When trying to edit these settings from a Windows XP workstation you’ll find that the WiFi GPO settings are not accessible, as you can see from the following screenshots:
(Editing a Wireless GPO from Windows XP Pro)
(No Wireless settings node in the GPO)
So, in order to get the Wireless GPO settings on a Windows XP Pro workstation you need to perform the following steps:
- Copy the following files from the %systemroot%\system32 folder on an Windows Server 2003 server to the %systemroot%\system32 folder on your Windows XP workstation:
Lamer note: %systemroot%\system32 means the system32 folder found in your Windows folder, in your system partition, typically C:.
- Next, register wlsnp.dll, which is the actual MMC extension snap-in by running the following from a command line or from the Run menu: