security (MSM) element (for WLAN_profile)

The security (MSM) element contains various security settings.

<xs:element name="security"
    minOccurs="0"
 >
    <xs:complexType>
        <xs:sequence>
            <xs:element name="authEncryption"
                minOccurs="0"
                ...
             />
            <xs:element name="sharedKey"
                minOccurs="0"
                ...
             />
            <xs:element name="keyIndex"
                minOccurs="0"
             >
                <xs:simpleType>
                    <xs:restriction base="xs:integer">
                        <xs:minInclusive value="0">
                        <xs:maxInclusive value="3">
                    </xs:restriction>
                </xs:simpleType>
            </xs:element>
            <xs:element name="PMKCacheMode"
                minOccurs="0"
             >
                <xs:simpleType>
                    <xs:restriction base="xs:string">
                        <xs:enumeration value="disabled">
                        <xs:enumeration value="enabled">
                    </xs:restriction>
                </xs:simpleType>
            </xs:element>
            <xs:element name="PMKCacheTTL"
                minOccurs="0"
             >
                <xs:simpleType>
                    <xs:restriction base="xs:integer">
                        <xs:minInclusive value="5">
                        <xs:maxInclusive value="1440">
                    </xs:restriction>
                </xs:simpleType>
            </xs:element>
            <xs:element name="PMKCacheSize"
                minOccurs="0"
             >
                <xs:simpleType>
                    <xs:restriction base="xs:integer">
                        <xs:minInclusive value="1">
                        <xs:maxInclusive value="255">
                    </xs:restriction>
                </xs:simpleType>
            </xs:element>
            <xs:element name="preAuthMode"
                minOccurs="0"
             >
                <xs:simpleType>
                    <xs:restriction base="xs:string">
                        <xs:enumeration value="disabled">
                        <xs:enumeration value="enabled">
                    </xs:restriction>
                </xs:simpleType>
            </xs:element>
            <xs:element name="preAuthThrottle"
                minOccurs="0"
             >
                <xs:simpleType>
                    <xs:restriction base="xs:integer">
                        <xs:minInclusive value="1">
                        <xs:maxInclusive value="16">
                    </xs:restriction>
                </xs:simpleType>
            </xs:element>
            <!-
                Extension point for other namespaces, including the OneX
                namespace currently used for optional IEEE802.1X configuration.
             ->
            <xs:any
                processContents="lax"
                minOccurs="0"
                maxOccurs="unbounded"
                namespace="##other"
             />
        </xs:sequence>
    </xs:complexType>
</xs:element>

Parent elements

Child elements

Element Type Description
authEncryption Specifies the authentication and encryption pair to be used for this profile.
sharedKey Contains shared key information.
keyIndex Specifies which key index should be used to encrypt wireless traffic. This is used only when keyType is set to "networkKey".
PMKCacheMode Indicates whether PMK caching will be used. This element is valid only for WPA2-defined networks.
Windows XP with SP3 and Wireless LAN API for Windows XP with SP2: This element isn't supported.
PMKCacheTTL Indicates the length of time, in minutes, that a PMK cache will be kept. This element is valid only for WPA2-defined networks with PMKCache mode set to enabled.
Windows XP with SP3 and Wireless LAN API for Windows XP with SP2: This element isn't supported.
PMKCacheSize Specifies the number of entries in the PMK cache on the client. This element is valid only for WPA2-defined networks with PMKCache mode set to enabled. If PMKCache mode is enabled, and this element is absent, the size of the cache defaults to 128 entries.
Windows XP with SP3 and Wireless LAN API for Windows XP with SP2: This element isn't supported.
preAuthMode Determines if pre-authentication will be used by the client. Pre-authentication enables WPA2 secure fast roaming. This element is valid only for WPA2-defined networks with PMKCache mode set to enabled. If PMKCache mode is enabled, and this element is absent, the default value is disabled.
Windows XP with SP3 and Wireless LAN API for Windows XP with SP2: This element isn't supported.
preAuthThrottle Indicates the number of tries when preauthenticating to neighboring APs. This element is valid only for WPA2-defined networks with PMKCache mode set to enabled. If PMKCache mode is enabled, and this element is absent, the number of tries defaults to 3.
Windows XP with SP3 and Wireless LAN API for Windows XP with SP2: This element isn't supported.
OneX Optional IEEE802.1X configuration.

keyIndex

Specifies which key index should be used to encrypt wireless traffic. This is used only when keyType is set to "networkKey".

PMKCacheMode

Specifies whether PMK caching will be used. This element is valid only for WPA2-defined networks. PMK caching is described in the 802.11i specification.

Windows XP with SP3 and Wireless LAN API for Windows XP with SP2: This element isn't supported.

PMKCacheTTL

Specifies the length of time, in minutes, that a PMK cache will be kept. This element is valid only for WPA2-defined networks with PMKCacheMode set to "enabled".

PMK caching is described in the 802.11i specification.

Windows XP with SP3 and Wireless LAN API for Windows XP with SP2: This element isn't supported.

PMKCacheSize

Specifies the number of entries in the PMK cache on the client. This element is valid only for WPA2-defined networks with PMKCacheMode set to "enabled". If PMKCacheMode is enabled, and PMKCacheSize is absent, then the size of the cache defaults to 128 entries.

PMK caching is described in the 802.11i specification.

Windows XP with SP3 and Wireless LAN API for Windows XP with SP2: This element isn't supported.

preAuthMode

Specifies whether pre-authentication will be used by the client. Pre-authentication is necessary for WPA2 secure fast roaming. This element is valid only for WPA2-defined networks with PMKCacheMode set to "enabled". If PMKCacheMode is enabled, and preAuthMode is absent, then the default value is "disabled".

Windows XP with SP3 and Wireless LAN API for Windows XP with SP2: This element isn't supported.

preAuthThrottle

Specifies the number of pre-authentication attempts to try on neighboring APs. This element is valid only for WPA2-defined networks with PMKCacheMode set to "enabled". If PMKCacheMode is enabled, and preAuthThrottle is absent, then the number of tries defaults to 3.

Windows XP with SP3 and Wireless LAN API for Windows XP with SP2: This element isn't supported.

Examples

To view sample profiles that use the security element, see Wireless profile samples.

Requirements

Requirement Value
Minimum supported client Windows Vista, Windows XP with SP3 [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Redistributable Wireless LAN API for Windows XP with SP2