Windows 7 / Networking

Using Group Policy to Configure Wireless Settings

In AD DS environments, you can use Group Policy settings to configure wireless network policies. For best results, you should have Windows Server 2003 SP1 or later installed on your domain controllers because Microsoft extended support for wireless Group Policy settings when they released SP1.

Before you can use Group Policy to configure wireless networks, you need to extend the AD DS schema using the 802.11Schema.ldf file included on this book's companion media. If you do not have access to the companion media, you can copy the schema file from To extend the schema, follow these steps:

  1. Copy the 802.11Schema.ldf file to a folder on a domain controller.
  2. Log on to the domain controller with Domain Admin privileges and open a command prompt.
  3. Select the folder containing the 802.11Schema.ldf file and run the following command (where Dist_Name_of_AD_Domain is the distinguished name of the AD DS domain whose schema is being modified.
    ldifde -i -v -k -f 802.11Schema.ldf -c DC=X Dist_Name_of_AD_Domain
  4. Restart the domain controller.

After you extend the schema, you can configure a wireless network policy by following these steps:

  1. Open the Active Directory GPO in the Group Policy Object Editor.
  2. Expand Computer Configuration, Windows Settings, Security Settings, and then click Wireless Network (IEEE 802.11) Policies.
  3. Right-click Wireless Network (IEEE 802.11) Policies and then click Create A New Windows Vista Policy. The Wireless Network Properties dialog box appears.
  4. To add an infrastructure network, click Add and then click Infrastructure to open the Connection tab of the New Profile Properties dialog box. In the Network Names list, click NEWSSID and then click Remove. Then, type a valid internal SSID in the Network Names box and click Add. Repeat this to configure multiple SSIDs for a single profile. If the network is hidden, select the Connect Even If The Network Is Not Broadcasting check box.
  5. On the New Profile Properties dialog box, click the Security tab. Use this tab to configure the wireless network authentication and encryption settings. Click OK.

Note This resource kit does not cover how to design wireless networks. However, you should avoid using Wired Equivalent Privacy (WEP) whenever possible. WEP is vulnerable to several different types of attack, and WEP keys can be difficult to change. Whenever possible, use WPA or WPA 2, which both use strong authentication and dynamic encryption keys. The settings described in the previous process will configure client computers to connect automatically to your internal wireless networks and to not connect to other wireless networks.

[Previous] [Contents] [Next]

In this tutorial:

  1. Configuring Windows Networking
  2. Usability Improvements
  3. Network And Sharing Center
  4. Network Explorer
  5. How Windows Finds Network Resources
  6. How Windows Publishes Network Resources
  7. How Windows Creates the Network Map
  8. Network Map
  9. Set Up A Connection Or Network Wizard
  10. Manageability Improvements
  11. Network Location Types
  12. Policy-Based QoS
  13. Selecting DSCP Values
  14. Planning Traffic Throttling
  15. Configuring QoS Policies
  16. Configuring System-Wide QoS Settings
  17. Configuring Advanced QoS Settings
  18. Testing QoS
  19. Windows Firewall and IPsec
  20. Windows Connect Now in Windows 7
  21. Core Networking Improvements
  22. Networking BranchCache
  23. How Hosted Cache Works
  24. How Distributed Cache Works
  25. Configuring BranchCache
  26. BranchCache Protocols
  27. File Sharing Using SMB
  28. Web Browsing with HTTP (Including HTTPS)
  29. DNSsec
  30. GreenIT
  31. Efficient Networking
  32. What Causes Latency, How to Measure It, and How to Control It
  33. TCP Receive Window Scaling
  34. Scalable Networking
  35. Improved Reliability
  36. IPv6 Support
  37. 802.1X Network Authentication
  38. Server Message Block (SMB) 2.0
  39. Strong Host Model
  40. Wireless Networking
  41. Improved APIs
  42. Network Awareness
  43. Improved Peer Networking
  44. Services Used by Peer-to-Peer Networking
  45. Managing Peer-to-Peer Networking
  46. Peer-to-Peer Name Resolution
  47. EAP Host Architecture
  48. Layered Service Provider (LSP)
  49. Windows Sockets Direct Path for System Area Networks
  50. How to Configure Wireless Settings
  51. Configuring Wireless Settings Manually
  52. Using Group Policy to Configure Wireless Settings
  53. How to Configure TCP/IP
  54. DHCP
  55. Configuring IP Addresses Manually
  56. Command Line and Scripts
  57. How to Connect to AD DS Domains
  58. How to Connect to a Domain When 802.1X Authentication Is Not Enabled
  59. How to Connect to a Domain When 802.1X Authentication Is Enabled