Wireless Certificate setting vanish after Group Policy Applies RRS feed

  • Question

  • Environment

    Platform – Windows Server 2003 R2, Windows XP client SP3

    Forest Functional Level – Windows Server 2003


    ·         The client has setup a Wireless Network using Aruba and RADIUS

    ·         Protocol used is 802.1x with PEAP-MSCHAPv2

    ·         Certificate-based.  Private certificate issued by internal Certificate Server (AD Integrated)

    ·         Client certificate configuration is configured on XP clients via Group Policy (The followed the MS process from their Best Practice guide)





    ·         On one of the sites the wireless settings are erased/dropped every 90 minutes or so (When Group Policy is updated).  This means that users no longer have access to the wireless network.  The settings also vanish before the 90 minutes if a manual 'gpupdate /force' is run, confirming the GPO applying is having this effect.

    ·         The only workaround is to connect to an Ethernet port and run the ‘GPUPDATE /FORCE’ command, at which point the GPO settings are reapplied for another 90 minutes or so.

     Fixing the issue temporarily using  ‘GPUPDATE /FORCE’ ONLY works over a wired connection and NOT over a wireless connection. 

    If the certificate settings are configured manually, they are retained and even a ‘gpupdate /force’ works over the wireless. 


    Has anyone seen this type of behaviour before? I am at a loss as to what could be causing this.



    Jose Lopez





    Wednesday, May 18, 2011 7:50 PM