Freigeben über

Added support for 802.1x in Windows PE

  • Artikel

EDIT:  This topic has now been blogged in detail here.

 

Since the dawn of time, Windows PE (WinPE) has not had any support for the 802.1x authentication protocol. This meant that any network deployment of Windows via a network secured with 802.1x was a non-starter, causing headaches for a few on my customers; I actually had one customer that ran new network cables to a majority of the desks in order to be able to deploy Windows XP over the network.

However, thanks in part to a colleague of mine who worked on this, Microsoft has released hotfixes that now add 802.1x support to both WinPE 2.1 and WinPE 3.0. You can get the hotfixes and further information at the below links:

WinPE 2.1: https://support.microsoft.com/kb/975483

WinPE 3.0: https://support.microsoft.com/kb/972831

I wanted to share the links now, but in the near future I will write up a post on how to use these hotfixes in your deployments.

 

This post was contributed by Daniel Oxley a consultant with Microsoft Consulting Services Spain

Disclaimer: The information on this site is provided "AS IS" with no warranties, confers no rights, and is not supported by the authors or Microsoft Corporation. Use of included script samples are subject to the terms specified in the Terms of Use .

Comments

  • Anonymous
    January 01, 2003
    The comment has been removed

  • Anonymous
    January 01, 2003
    First of all, I want to apologise for the lack of responses from me.  I need to fix this! I have not neglected this topic, but as you'll see soon, this is a rather complicated and long article to write as it covers many topics and areas that can be quite difficult. It has taken me a lot longer to get all of the information together, and a lot of the process have been defined through sheer trial and error.  Also, given the fact that I can't test this all in Hyper-V - the publishing of the post has gotten delayed. I am hoping to publish the post this week or early next week, I need to finish going through it and also test all the steps first to make sure it is right. Again, apologies for the delay, Daniel

  • Anonymous
    January 01, 2003
    Najam, see this post: http://blogs.technet.com/deploymentguys/archive/2010/03/02/adding-support-for-802-1x-to-winpe.aspx Daniel

  • Anonymous
    January 16, 2010
    OMG, this is the best news I've heard all year.  I can't wait for your followup article!  This will make my job about a thousand times easier.

  • Anonymous
    January 24, 2010
    Just wondering, how is it that a KB article is published and a Hotfix made available all in lieu of -any- documentation!?

  • Anonymous
    January 28, 2010
    We are still eagerly awaiting Microsoft to show us how it works.  In ConfigMgr 2007 OSD would be really handy.  

  • Anonymous
    January 28, 2010
    So, Microsoft spent time working on 802.1x support for WinPE, but remains completely silent on supporting PowerShell / .NET in WinPE? Smooth ...

  • Anonymous
    February 01, 2010
    Daniel, I was intimating that I felt that Microsoft should have held these hotfixes back until such time that it could provide proper documentation with them, in an official manner. In lieu of it, they are practically useless. Nothing to do with your blogging, or the documentation that you personally are working on :) (I feel, quite strongly, that Microsoft shouldn't expect people to have to scour blog posts for the requisit infomation to use a feature in your products.)

  • Anonymous
    February 04, 2010
    Extremely eager to read through this documentation...

  • Anonymous
    February 18, 2010
    Hey all, Any chance of getting sight of documentation? Rgrds, Adam

  • Anonymous
    February 23, 2010
    Microsoft has draft documents for configuring this. I opened a premier support ticket and they sent them to me in an unfinished state. I'm still trying to get it working.

  • Anonymous
    February 28, 2010
    Useful information can be found at: http://social.technet.microsoft.com/Forums/en/configmgrosd/thread/d246a2e0-2418-4906-ad04-5f14f858a1cd

  • Anonymous
    March 01, 2010
    Mike - Assuming you're not under any form of NDA etc, would there be any chance you could put a copy of them up somewhere?

  • Anonymous
    April 16, 2010
    I don't see how this WinPE fix can help 802.1x auth unless you create a WinPE disk. Then it's not really PXE-boot neither, as you boot from a disk or USB. when a client tries to connect thru a 802.1x enabled port, after you press F12, it sends out a Bootp request to the the ip address of the ftp-server where it can download the new image, incl WinPe. However, the client don't get an ip address because of the EAPOL autentication. The client has nothing to ID itself with, except for the MAC-address. Hence, this will not fix 802.1x support for PXE boot. Or have I missed out on something?

  • Anonymous
    April 26, 2010
    Hi Daniel: If the documentation is not ready, could you please guide me that where should I install this update. We have Windows 2008 WDS, should I install on this server? If yes, it couldn't be installed. Kindly, tell us some basic installation or configuration tips or guidance.

  • Anonymous
    October 06, 2010
    I have to agree with Bjorn Johansson unless, something is not being described here. How do we get to WinPE. You need an ip address first before you get that WinPE boots. Can you shed more light on that one. How do I get an address unless Iam authenticated first..