Tuesday, 8 December 2009

MacBook Pro 10.5.7 802.1X Login Windows

Well, a little ambitious but I thought I'd try and get the MacBook Pro's logining into the 802.1X wireless network at the login window (by the way they are on AD). Oh, and this would be the second time of trying, but I am trying everything I tried back then, just incase a recent update of OS X or the wireless system has any influence.


Alas, a different problem this time. It appears the wireless is actually broken on the MacBook Pro's after many images and re-images. Just re-running an update to see if that fixes the wireless. When I try and connect to the college wireless it comes up with "802.1X Authentication failed" ...... (error 1 on en 1) doh!. It might be because the image might have come from some other hardware (not a MacBook Pro)......Well, happened again. This solution worked:


Delete the system wide network settings:
Go to Macintosh HD/Library/Preferences



  • Drag SystemConfigurations to the trash, empty trash, restart.

found it on an apple discussion forum- http://discussions.apple.com/thread.jspa?threadID=1506347 


Seems to work fine on my iMac though.


Found this interesting page on Apple website:


http://support.apple.com/kb/HT3326


Seem to document it quite well, but I definitely tried all of this.


The most promising thing is the "Login Window" Profile. When that is ticked and ChesterfieldCollege is added to prefered networks, at the login screen it says "Network Login Required" or something similar. When you type in a username and password it thinks about it for a while with a spinny thinky thing to the right of the password box. But then shakes! looked at the logs and I did see the mention of "Certificate" failed to authenticate and something about 'not from a trusted authority' or something like that. This is what pointed me to the certificate problem.


Looking into it, when you first add yourself to the wireless you have to accept a certificate. If you look at the certificate before accepting it, it gives you the option to permanently accept it which is what I ticked. Still no luck.


One of my conclusions from before was that it was to do with the certificate. I found a lot of postings refering to a certificate you must get from your 'Administrator'. This must then be added permanently to the list of certificates in Keychain. So I'm probably best off talking to ICT Services.


Of course right now I have to deal with the MacBook Pro wireless error.... well, looks like I fixed that one by deleting Airport adaptor and re-adding it under the name "Airport 2". So I added to the wireless, went into keychain and made the certificates "Always trusted". Tried to login and got this message.


Definitely a certificate problem.


Well, last thing to try was a "System Login". Created one and worked a charm!!! Might create more wifi activity, but hopefully the system can cope with it. A note to make is that we login and use Networked home drives, so as soon as their is a weak signal, it all goes to pot. Oh well. 

MacBook Pro wireless issues after re-imaging

I guess I'm lucky to have 18 MacBook Pro's to look after as it's good to be constantly updating my knowledge with new equipment.


I've been having issues just recently after re-imaging all the MacBook Pro with windows XP using an identical MacBook Pro as a Master. The Master worked perfectly, but in hiensight, I think before taking the image, I should have run Sysprep, doh!


Anyway, after re-imaging I thought everything would be fine, little would I know, a day before their planned use I decided to test the MacBook Pros and found only 3 working on the wireless. After many many trials and tribulations, including ICT Services looking into it, James had a proper look into the settings of the wireless (although these should have been properly filled in with the College Policies over the network - which I think is the cause for all the problems). John Tuck suggested at the cmd prompt "gpupdate /force" which forces an update of policies in Windows. Still no college logo at login screen though.


Under the "advanced network settings" under "wireless networks", ChesterfieldCollege should be in the list of "Preferred networks" (had to manually add). "Network Authentication shoudl be "Open" and "Data encryption should be "WEP". Tick "The key is provided for me automatically"


Under "Authentication"  tick "Enable IEEE 802.1X, "EAP type" - "Protected EAP". Tick "Authenticate as computer....". Go to "properties", and untick "Validate server certificate". "Select Authentication Method" should be "Secured password (EAP-MSCHAP v2)"


The last little thing which needed doing (quite annoyingly because it doesn't really make sense?) is that I think the computer has to somehow use some wireless system before it starts doing it automatically. I just connected to ChesterfieldCollegeOpen and disconnected. Then put it back down in the list of "Preferred Networks" because it automatically puts it at the top. This somehow kick starts the wireless into working again (YAY!)


Well, I hope I use this sometime in the future, although I very much doubt it! Oh well, it was quite therapeutic to talk myself through it.


One of the things which really stumped me on this one was that it took 3 days to finally work out that the wireless in the classroom was not working properly anyway. It was like fixing something using something else which is broken!


Also, next time I'll try and use screen shots, might make things easier to explain.

My First Blog

Well, here it is, my first blog. Only time will tell if this pays off. Hopefully this will be the place I put interesting thoughts which I've had, and maybe think them through some more, and then dismiss them. I'll try and divide it up into work and personal but maybe the two are not separable at times (in which case I'll tag it with both).


I might even put down what I've done and how I've done it for future reference. My brain just isn't up to the task of remembering everything and I think this is the next best thing (other then teaching my brain to better remember things).