Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. A client computer cannot connect to a wireless network if the wireless GPO is applied to a wireless network server that is running Windows Server 2003

A client computer cannot connect to a wireless network if the wireless GPO is applied to a wireless network server that is running Windows Server 2003

View products that this article applies to.

Symptoms

Consider the following scenario. You have a client computer that is running Microsoft Windows XP Service Pack 1 (SP1). The hotfix that is described in one of the following Microsoft Knowledge Base articles is installed on this computer:
826942� Wireless update rollup package for Windows XP is available
892087� "At least one of your changes was not applied successfully to the wireless configuration" message when you try to add a wireless network to a Windows XP Professional-based computer
Additionally, this computer can connect to a wireless network server that is running Microsoft Windows Server 2003. After you create a wireless Group Policy object (GPO) on a computer that is running Microsoft Windows Server 2003, the Windows XP SP1-based client computer can no longer connect to the wireless network. Additionally, the following errors are logged in the Eapol.log file:
[988] 11:49:02: ElGetUserIdentity: NULL sized EAP blob: continue
[988] 11:49:02: ElGetUserIdentity: Error in calling GetIdentity = 703
Notes
  • You create the wireless GPO on a computer that is running one of the following Windows Server 2003 installations:
    • Windows Server 2003 SP1
    • Windows Server 2003 with the hotfix from Knowledge Base article 811233 installed
  • The Eapol.log file is located in the %windir%\Tracing folder. To enable this log, type the following at a command prompt:
    netsh ras set tracing eapol enabled
    Note %windir% is the folder in which Windows is installed. By default, Windows is installed in the C:\Windows folder.
  • A client computer that is running Windows XP Service Pack 2 (SP2) can connect to the wireless network, even if the wireless GPO is applied to the wireless network.

↑ Back to the top

Cause

This problem occurs because the binary large object (BLOB) that is sent to the client computer does not contain information about Extensible Authentication Protocol (EAP) authentication. In other words, the EAP binary large object is null. The binary large object is provided by the wireless GPO.

Note When the binary large object is null, a computer that is running Windows XP SP2 can create a default binary large object to connect to the wireless network.

↑ Back to the top

Resolution

To resolve this issue, follow these steps:
  1. Start the Group Policy Object Editor.
  2. Expand Windows Settings for Computer Configuration, and then expand Security Settings.
  3. In the console tree, right-click Wireless Network (IEEE 802.11) Policies, and then click Create Wireless Network Policy.
  4. In the New Wireless Network Policy Properties dialog box, click Add to add a preferred network on the Preferred Networks tab.
  5. On the IEEE 802.1x tab, click Smart Card or other certificate in the EAP type field. Click Settings to configure the properties of the selected EAP type.
This resolution makes sure that, when you create the wireless policy, the wireless GPO has an EAP binary large object.

↑ Back to the top

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top

Keywords: KB913540, kbbug, kbtshoot

↑ Back to the top

Article Info
Article ID : 913540
Revision : 9
Created on : 10/11/2007
Published on : 10/11/2007
Exists online : False
Views : 314