Hi, In the midst of upgrading my RG-1x00 to a AP-1000, I discover that you can use static WEP and 802.1x WEP at the same time. So I think, great, I have a Win2K server, and a WinXP client, why not try it out.
Enabling 802.1x automatically disables Key 2,3,4. They also tell you to put a key in so that non-802.1x clients can log on. I'm not sure why the help file tells you to disable closed configuration, since I'll be manually telling WinXP what SSID it is, but anyhow... Install IAS, and install Certificate Services on Win2K. Run through the process outlined on MS's site. Find out I need 3 patches that can't be downloaded. Call up MS support, they give me the 3 files, but tells me there's two version of one file, one labeled SP3, the other SP4. Transfers me to "tech support", where the girl basically tells me they're braindead on Sundays... Manually look at the files, see it's just a text file (Q306260). The SP4 install is smaller, but the actual file in question is larger. Figure since the SP4 contains more information than the SP3 one, I'd install the SP4. Find out that you still have to type in the "manual command you have to type in" as outlined in the KB article even on the SP4 patch. Of course, the extra "patch" in the SP4 file barfs on SP2 system. If they give you the two choices, take the SP3, and make sure you type in the command before reboot. Try to fsck around with generating certs. Attempt to generate a cert for the laptop, tells me I can't start the wizard. Attempt to generate the same cert on the server, generates a cert for itself instead. Find out that 1) You have to be part of the domain or 2) have IIS running in order to generate a machine cert(!). Nasty note to M$: No, I don't want to be running IIS just so I can generate machine certs. Grudgingly add laptop to domain for the purpose of getting a cert. Generate machine cert, machine tells me that it can't find a certificate to use to log on(?). Find out that the machine cert store and the user cert store are two different things(!). Try to copy said machine cert to user cert store. Get an error 8 in the event viewer, "machinename.domain. the specified user does not exist". Remove machine cert from user cert store. Error 7 "INTERNAL/machine$. the specified domain does not exist". Why is it so *#@!ing hard to use 802.1x? Kevin "Starfox" Arima -- NYCwireless - http://www.nycwireless.net/ Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/ Archives: http://lists.nycwireless.net/pipermail/nycwireless/
