Configuring Active Directory for a Wireless Network

You must create an account for each user and each user group that will connect to the 802.1x network. 802.1x authentication requires a user name and a domain name. User groups are required to configure EAP policies. You create user and group accounts by using Active Directory.

For information about how to create user and user group accounts in Active Directory, from Administrative Tools open Active Directory Users and Computers, and from the Help menu choose Help Topics. In the Active Directory Help, search for "Manage Users, Groups, and Computers."

To create user and user group accounts using Active Directory

  1. Create the following user accounts for the users who will access the wireless network:

    • eaptls
    • eappeap

    Set the following properties for each user in the Properties dialog box.

    • On the Dial-in tab, select the Allow access and No Callback options.
    • On the Accounts tab, select the Store password using reversible encryption account option, and then choose OK.
  2. Create the following user groups:

    • EAP-TLS
    • EAP-PEAP

    In the New Object – Group dialog box, set Group scope to Global and Group type to Security for each user group.

  3. Add the appropriate users to the user groups. The following table shows which user must be added to which group.

    User       User group
    Eaptls     EAP-TLS
    Eappeap    EAP-PEAP

    To verify that you have successfully added your users to the appropriate groups, in the details pane, double-click each group and choose the Members tab. The member you added to each group appears in the member list.
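
The same three steps and the membership check can be scripted. The following is an added example, not part of the original page: it assumes the ActiveDirectory PowerShell module is installed, that the accounts go in the domain's default container, and that the "Allow access" dial-in option maps to the msNPAllowDialin attribute.

```powershell
# Added example (not from the original page). Requires the ActiveDirectory module
# and rights to create users and groups in the domain.
Import-Module ActiveDirectory

# User -> group mapping from the table in step 3.
$map = [ordered]@{ 'eaptls' = 'EAP-TLS'; 'eappeap' = 'EAP-PEAP' }

foreach ($user in $map.Keys) {
    $group = $map[$user]

    # Step 1: create the account disabled with the reversible-encryption flag set,
    # then set the password, because the flag only applies to passwords set after
    # it is enabled. It stores a recoverable copy of the password, so keep it
    # scoped to these accounts.
    New-ADUser -Name $user -SamAccountName $user -Enabled $false `
        -AllowReversiblePasswordEncryption $true
    $password = Read-Host -AsSecureString -Prompt "Password for $user"
    Set-ADAccountPassword -Identity $user -Reset -NewPassword $password
    Enable-ADAccount -Identity $user

    # Dial-in tab, "Allow access": stored in the msNPAllowDialin attribute.
    # "No Callback" is the default for a new account, so nothing is written for it.
    Set-ADUser -Identity $user -Replace @{ msNPAllowDialin = $true }

    # Step 2: security group with Global scope.
    New-ADGroup -Name $group -SamAccountName $group `
        -GroupScope Global -GroupCategory Security

    # Step 3: add the user to its group.
    Add-ADGroupMember -Identity $group -Members $user
}

# Verification (the Members tab check in step 3, plus the step 1 properties).
foreach ($user in $map.Keys) {
    $members = Get-ADGroupMember -Identity $map[$user] |
        Select-Object -ExpandProperty SamAccountName
    $account = Get-ADUser -Identity $user `
        -Properties msNPAllowDialin, AllowReversiblePasswordEncryption
    [pscustomobject]@{
        User               = $user
        Group              = $map[$user]
        InGroup            = $members -contains $user
        AllowDialin        = $account.msNPAllowDialin
        ReversiblePassword = $account.AllowReversiblePasswordEncryption
    }
}
```

Each output row should show InGroup, AllowDialin and ReversiblePassword as True for the two accounts.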

See Also

How to Set Up a Wireless Network with a Security Infrastructure

Last updated on Wednesday, April 13, 2005

© 2005 Microsoft Corporation. All rights reserved.