In this example GPO will be used to push an SSID configured for machine authentication using PEAP-MSCHAPv2 to Windows 7 domain member systems.
1. Open the domainGroup Policy Managementsnap-in.
2. Create a new GPO or use an existing GPO.
3.Editthe GPO and navigate to Computer Configuration>Policies> Window Settings>Security Settings>Public Key Policies>Wireless Network (IEEE 801.X) Policies.
4.Right ClickWireless Network (IEEE 801.X) Policiesand chooseCreate a New Windows Vista Policy.
5.Provide aVista Policy Name:
6.ClickAddforConnect to available networks…
7.ChooseInfrastructure.
8.On theConnectiontab, provide aProfile Name:and enter the SSID of the wireless network forNetwork Name(s).ClickAdd.
9.Click theSecuritytab. Configure the following:
Authentication:WPA2-Enterprise or WPA-Enterprise
Encryption:AES or TKIP
Network Authentication Method:Microsoft: Protected EAP (PEAP)
Authentication mode: User Authentication
10. ClickProperties.
11.ForTrusted Root Certification Authoritiesselect the check box next to each CA in the Active Directory PKIinfrastructure and clickOK.
OR Choose to ignore cert by just removing ”Validate Server Certificate”
12.ClickOK toclose out and clickApplyon wireless policy page to save the settings.
13.Apply the GPO to the domain or OU containing the domain member computers.
Filter computer with WMI is handles on another post
