WPA2-Enterprise is pretty sweet. It allows you to require an Active Directory (or any back-end database, really) username and password in order to gain access to the wireless network. No more static passwords. And to manage access, you just manage Active Directory membership.
Sounds great, but if you’ve tried this out of the box with Windows 7 you probably got a face full of fail. Windows 7 just tells you that it failed to connect and doesn’t go into details. Here’s the solution:
- Open the ‘Network and Sharing Center’
- Click on ‘Manage wireless networks’ (on the left)
- Find the network that’s giving you trouble and delete it (remove from list)
- Go back to the right portion and select ‘Set up a new connection or network’
- Choose ‘Manually connect to a wireless network’
- Give it a network name and choose ‘WPA2-Enterprise’ as the Security type
- Choose AES as the Encryption type
- Check the box for ‘Connect even if the network is not broadcasting’
- When you select next it will ask you if you want to ‘Change connection settings’. Say yes.
- Select the ‘Security’ tab of that window
- Click the ‘Settings’ button
- Disable the ‘Validate server certificate’ option [1]
- On the next screen go to the ‘Select Authentication Method’ section and click the ‘Configure’ button
- Deselect the ‘Automatically use my Windows login name and password’ option
Now when you connect it will prompt you for a username and password. Nice of them to bury that option 14 levels deep. I’m surprised there weren’t armed guards.
[1] If you know how to avoid disabling the server cert validation, do let me know. This is highly not cool.
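For the concern in the footnote, here is an added example (not from the original post) that audits the EAP section of a profile exported with `netsh wlan export profile` and reports whether the RADIUS server is actually being validated. It assumes the default Windows PEAP with EAP-MSCHAPv2 method, which the post does not name; the sample XML, server name and CA thumbprint are constructed placeholders.

```python
import xml.etree.ElementTree as ET

# Constructed, trimmed EAP section of a `netsh wlan export profile` file.
# Element names follow Microsoft's PEAP profile schema; values are made up.
TEMPLATE = """<EapType xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV1">
  <ServerValidation>
    <ServerNames>{names}</ServerNames>{ca}
  </ServerValidation>
  <Eap xmlns="http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1">
    <Type>26</Type>
    <EapType xmlns="http://www.microsoft.com/provisioning/MsChapV2ConnectionPropertiesV1">
      <UseWinLogonCredentials>false</UseWinLogonCredentials>
    </EapType>
  </Eap>
  <PeapExtensions>
    <PerformServerValidation xmlns="http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2">{validate}</PerformServerValidation>
  </PeapExtensions>
</EapType>"""

# As left by the steps above: 'Validate server certificate' unchecked.
AS_CONFIGURED = TEMPLATE.format(names="", ca="", validate="false")
# Validation on, pinned to a server name and root CA (placeholder values).
PINNED = TEMPLATE.format(
    names="radius.example.test",
    ca="\n    <TrustedRootCA>PLACEHOLDER ROOT CA THUMBPRINT</TrustedRootCA>",
    validate="true")


def _texts(root, name):
    """Text of every element with this local name, ignoring XML namespaces."""
    return [(el.text or "").strip() for el in root.iter()
            if el.tag.rsplit("}", 1)[-1] == name]


def audit_profile(xml_text):
    """Return a list of findings about RADIUS server validation."""
    root = ET.fromstring(xml_text)
    findings = []
    if "false" in [t.lower() for t in _texts(root, "PerformServerValidation")]:
        findings.append("server certificate validation is disabled")
    if not any(_texts(root, "ServerNames")):
        findings.append("no RADIUS server name is pinned")
    if not any(_texts(root, "TrustedRootCA")):
        findings.append("no trusted root CA is selected")
    return findings


if __name__ == "__main__":
    for label, xml_text in (("as configured", AS_CONFIGURED), ("pinned", PINNED)):
        print(label, "->", audit_profile(xml_text) or "ok")
```

With validation disabled, the client will hand its credential exchange to any access point advertising the same network name, which is why all three findings matter together.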