2.2.1.1.4 Wireless Profile Settings Version A

This section specifies the profile settings data format for BLOB version 1 and version 2.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

SSID (64 bytes)

...

...

SSIDLength

802.11Encryption

ProfileIndex

802.11Authentication

AutomaticKeyProvision

NetworkType

Enable8021x

8021xSupplicantMode

EAPType

EAPDataLen

EAPData (variable)

...

MachineAuthentication

MachineAuthenticationType

GuestAuthentication

802.1XMaxStart

802.1XStartPeriod

802.1XAuthPeriod

802.1XHeldPeriod

DescriptionLen

Description (variable)

...

SSID (64 bytes): An array of 32 Unicode characters specifying the wireless LAN network name, also known as the service set identifier (SSID) as specified in [IEEE802.11-2007]. If the actual SSID length is less than 32 Unicode characters, the remaining bytes MUST be set to 0.

SSIDLength (4 bytes): A 4-byte unsigned integer specifying the number of Unicode characters in the SSID. The value MUST be within the range of 0 and 32.

802.11Encryption (4 bytes): An unsigned integer specifying the type of 802.11 encryption method to be used by domain clients for connecting to this WLAN.

For wireless policy sub-BLOB version 1, this value MUST be one of the following.

Value

Meaning

0

Encryption Disabled

1

WEP

For wireless policy sub-BLOB version 2, this value MUST be one of the following.

Value

Meaning

0

Encryption Disabled

1

WEP

2

Temporal Key Integrity Protocol (TKIP)

3

Advanced Encryption Standard (AES) encryption method is as specified in [IEEE802.1X] and [IEEE802.11i].

ProfileIndex (4 bytes): A 4-byte unsigned integer specifying the index of this wireless profile setting in the array of wireless profiles contained in the WirelessProfileSettingsData field of the Wireless Policy Data packet. The value MUST be within the range of 0 to (NumberOfWirelessProfileSettings-1).

802.11Authentication (4 bytes): An unsigned integer indicating the type of 802.11 authentication the domain clients use for connecting to the WLAN.

For wireless policy sub-BLOB version 1, this value MUST be one of the following.

Value

Meaning

0

Open 802.11 authentication

1

Shared 802.11 authentication

For wireless policy sub-BLOB version 2, this value MUST be one of the following.

Value

Meaning

0

Open 802.11 authentication

1

Shared 802.11 authentication

3

WPA-Enterprise 802.11 authentication

4

WPA-Personal 802.11 authentication

For more information on WPA-based authentication, see [IEEE802.11-2007] and [IEEE802.1X].

AutomaticKeyProvision (4 bytes): A 4-byte unsigned integer. If nonzero, the domain client is provided with a WEP encryption key through some means other than manual configuration, such as a key provided on the network adapter or through IEEE 802.1X authentication. If 0, the domain client is provided with a WEP encryption key through manual configuration.

NetworkType (4 bytes): A 4-byte unsigned integer specifying the type of network represented by this wireless profile setting. It MUST be one of the following values.

Value

Meaning

1

Ad hoc WLAN

2

Infrastructure (access point-based) WLAN

Enable8021x (4 bytes): A 4-byte unsigned integer; a nonzero value specifies that the domain client uses the IEEE 802.1X authentication protocol [IEEE802.1X] to authenticate with the WLAN. A 0 value specifies that the domain client does not use the IEEE 802.1X authentication protocol.

8021xSupplicantMode (4 bytes): A 4-byte unsigned integer; specifies the transmission behavior of the EAPOL-Start message for domain clients when they authenticate to a WLAN using IEEE 802.1X. This value MUST be one of the following.

Value

Meaning

1

Specifies that EAPOL-Start messages are not sent.

2

Client determines when to send EAPOL-Start messages based on network capability and, if needed, sends an EAPOL-Start message.

3

Transmit per IEEE 802.1X. Sends an EAPOL-Start message upon association to initiate the IEEE 802.1X authentication process.

EAPType (4 bytes): A 4-byte unsigned integer; specifies the Extensible Authentication Protocol (EAP) method to be used by the domain clients while using IEEE 802.1X authentication to connect to a WLAN. The value for this field MUST be a legal EAP method type, as specified in [RFC3748] section 6.2.

EAPDataLen (4 bytes): A 4-byte unsigned integer specifying the length of the EAPData field.

EAPData (variable): A BLOB specifying EAP configuration settings to use while performing IEEE 802.1X authentication. The format of the BLOB is implementation-specific; if Microsoft EAP methods are used by the clients, the formats specified in section 2.2.3.1 MUST be used.

MachineAuthentication (4 bytes): A 4-byte unsigned integer; a nonzero value specifies that the domain client uses machine credentials to perform IEEE 802.1X authentication.

MachineAuthenticationType (4 bytes): A 4-byte unsigned integer. This value specifies the way in which the domain client is to use machine or user credentials while performing IEEE 802.1X authentication. This value MUST be one of the following.

Value

Meaning

0

With user authentication. When users are not logged on to the domain computer, IEEE 802.1X authentication is performed using the computer credentials. After a user logs on to the computer, authentication is maintained with the computer credentials. If a user failed to connect to the network previously, IEEE 802.1X authentication is performed using the user credentials.

1

With user re-authentication. When users are not logged on to the domain computer, IEEE 802.1X authentication is performed using the computer credentials. After a user logs on to the computer, authentication is performed using the user credentials. When a user logs off the computer, authentication is performed with the computer credentials.

2

Computer-only authentication. Authentication is performed using the computer credentials. User authentication is not performed.

GuestAuthentication (4 bytes): A 4-byte unsigned integer; a nonzero value specifies that the domain client performs IEEE 802.1X authentication with guest credentials when either user or computer credentials are not available.

802.1XMaxStart (4 bytes): A 4-byte unsigned integer; the value MUST be defined in accordance with the MaxStart parameter, as specified in [IEEE802.1X].

802.1XStartPeriod (4 bytes): A 4-byte unsigned integer, defined in accordance with the StartPeriod parameter, as specified in [IEEE802.1X].

802.1XAuthPeriod (4 bytes): A 4-byte unsigned integer; the value MUST be defined in accordance with the AuthPeriod parameter, as specified in [IEEE802.1X].

802.1XHeldPeriod  (4 bytes): A 4-byte unsigned integer; the value MUST be defined in accordance with the HeldPeriod parameter, as specified in [IEEE802.1X].

DescriptionLen (4 bytes): A 4-byte unsigned integer specifying the length of a Unicode text string describing the wireless network associated with the wireless profile Setting.

Description (variable): A Unicode string specifying a human-readable description for the wireless network associated with the wireless profile setting.