2.2.1.1.5 Wireless Profile Settings Version B

This section specifies the profile Settings Data format for BLOB version 3.


Packet diagram (32 bits per row, bit positions 0 to 31); fields in order:

SSID (64 bytes)
SSIDLength
802.11 Encryption
ProfileIndex
802.11 Authentication
AutomaticKeyProvision
NetworkType
Enable8021x
8021xSupplicantMode
EAPType
EAPDataLen
EAPData (variable)
MachineAuthentication
MachineAuthenticationType
GuestAuthentication
802.1XMaxStart
802.1XStartPeriod
802.1XAuthPeriod
802.1XHeldPeriod
DescriptionLen
Description (variable)
PreferredSettingFlags
PreAuthModePresent
PreAuthThrottlePresent
PreAuthMode
PreAuthThrottle
PmkCacheModePresent
PmkCacheSizePresent
PmkCacheTTLSecPresent
PmkCacheMode
PmkCacheSize
PmkCacheTTLSec

SSID (64 bytes): An array of 32 Unicode characters specifying the WLAN name, also known as the SSID as specified in [IEEE802.11-2007]. If the actual SSID length is fewer than 32 Unicode characters, the remaining bytes MUST be set to 0.

SSIDLength (4 bytes): A 4-byte unsigned integer specifying the number of Unicode characters in the SSID. The value MUST be in the range 0 to 32.

802.11 Encryption (4 bytes): For wireless policy sub-BLOB version 3, this value MUST be one of the following:

Value   Meaning
0       Encryption disabled
1       WEP
2       TKIP
3       The AES encryption method is as specified in [IEEE802.1X] and [IEEE802.11i].

ProfileIndex (4 bytes): A 4-byte unsigned integer specifying the index of this wireless profile setting in the array of wireless profiles contained in the WirelessProfileSettingsData field of the Wireless Policy Data packet. The value MUST be within the range of 0 to (NumberOfWirelessProfileSettings-1).

802.11 Authentication (4 bytes): An unsigned integer indicating the type of 802.11 authentication the domain clients use for connecting to the WLAN.

For wireless policy sub-BLOB version 3, this value MUST be one of the following:

Value   Meaning
0       Open 802.11 authentication
1       Shared 802.11 authentication
3       WPA-Enterprise 802.11 authentication
4       WPA-Personal 802.11 authentication
5       WPA2-Enterprise 802.11 authentication
6       WPA2-Personal 802.11 authentication

WPA2 authentication is as specified in [IEEE802.1X] and [IEEE802.11i].

AutomaticKeyProvision (4 bytes): A 4-byte unsigned integer. If nonzero, the domain client is provided with a WEP encryption key through some means other than manual configuration, such as a key provided on the network adapter or through IEEE 802.1X authentication; if 0, the domain client is provided with a WEP encryption key through manual configuration.

NetworkType (4 bytes): A 4-byte unsigned integer specifying the type of network represented by this wireless profile setting. It MUST be one of the following values.

Value   Meaning
1       Computer-to-computer (ad hoc) WLAN.
2       Infrastructure (access point-based) WLAN.

Enable8021x (4 bytes): A 4-byte unsigned integer. A nonzero value specifies that the domain client uses the IEEE 802.1X authentication protocol (as specified in [IEEE802.1X]) to authenticate with the WLAN; a 0 value specifies that the domain client does not use the IEEE 802.1X authentication protocol.

8021xSupplicantMode (4 bytes): A 4-byte unsigned integer; specifies the transmission behavior of the EAPOL-Start message for domain clients when they authenticate to a WLAN using IEEE 802.1X (as specified in [IEEE802.1X]). This value MUST be one of the following:

Value   Meaning
1       Specifies that EAPOL-Start messages are not sent.
2       Client determines when to send EAPOL-Start messages based on network capability and, if needed, sends an EAPOL-Start message.
3       Transmit per IEEE 802.1X. Sends an EAPOL-Start message upon association to initiate the IEEE 802.1X authentication process.

EAPType (4 bytes): A 4-byte unsigned integer; specifies the EAP method to be used by the domain clients while using IEEE 802.1X authentication (as specified in [IEEE802.1X]) to connect to a WLAN. The value for this field MUST be a legal EAP method type, as specified in [RFC3748] section 6.2.

EAPDataLen (4 bytes): A 4-byte unsigned integer specifying the length of the EAPData field.

EAPData (variable): A BLOB specifying EAP configuration settings to be used while performing IEEE 802.1X authentication. The format of the BLOB is implementation-specific; if Microsoft EAP methods are used by the clients, the formats specified in section 2.2.3.1 MUST be used.

MachineAuthentication (4 bytes): A 4-byte unsigned integer; a nonzero value specifies that the domain client uses computer credentials to perform IEEE 802.1X authentication.

MachineAuthenticationType (4 bytes): A 4-byte unsigned integer. This value specifies the way in which the domain client is to use computer or user credentials while performing IEEE 802.1X authentication (as specified in [IEEE802.1X]). This value MUST be one of the following:

Value   Meaning
0       With user authentication. When users are not logged on to the domain computer, IEEE 802.1X authentication (as specified in [IEEE802.1X]) is performed using the computer credentials. After a user logs on to the computer, authentication is maintained with the computer credentials. If a user failed to connect to the network previously, IEEE 802.1X authentication is performed using the user credentials.
1       With user re-authentication. When users are not logged on to the domain computer, IEEE 802.1X authentication (as specified in [IEEE802.1X]) is performed using the computer credentials. After a user logs on to the computer, authentication is performed using the user credentials. When a user logs off the computer, authentication is performed with the computer credentials.
2       Computer-only authentication. To be performed by using the computer credentials. User authentication is not performed.

GuestAuthentication (4 bytes): A 4-byte unsigned integer; a nonzero value specifies that the domain client performs IEEE 802.1X authentication (as specified in [IEEE802.1X]) with guest credentials when either user or computer credentials are not available.

802.1XMaxStart (4 bytes): A 4-byte unsigned integer; the value MUST be defined in accordance with the MaxStart parameter, as specified in [IEEE802.1X].

802.1XStartPeriod (4 bytes): A 4-byte unsigned integer, defined in accordance with the StartPeriod parameter, as specified in [IEEE802.1X].

802.1XAuthPeriod (4 bytes): A 4-byte unsigned integer; the value MUST be defined in accordance with the AuthPeriod parameter, as specified in [IEEE802.1X].

802.1XHeldPeriod (4 bytes): A 4-byte unsigned integer; the value MUST be defined in accordance with the HeldPeriod parameter, as specified in [IEEE802.1X].

DescriptionLen (4 bytes): A 4-byte unsigned integer specifying the length of a Unicode text string describing the wireless network associated with the wireless profile setting.

Description (variable): A Unicode string specifying a human-readable description for the wireless network associated with the wireless profile setting.

PreferredSettingFlags (4 bytes): A 4-byte unsigned integer specifying whether the domain clients are to treat the wireless network as a nonbroadcast network. This value MUST be one of the following:

Value   Meaning
0       The wireless network is a broadcast network.
1       The wireless network is a nonbroadcast network.

PreAuthModePresent (4 bytes): A 4-byte unsigned integer specifying the presence or absence of the field describing the IEEE 802.11i pre-authentication mode. If this field is 0, the PreAuthMode field has no defined meaning and is ignored by the domain client, as specified in [IEEE802.11i]. If this field is nonzero, the PreAuthMode field is interpreted by the domain client as specified in the PreAuthMode field description.

PreAuthThrottlePresent (4 bytes): A 4-byte unsigned integer specifying the presence or absence of the field describing the IEEE 802.11i pre-authentication throttle mode. If this field is 0, the PreAuthThrottle field has no defined meaning and is ignored by the domain client. If this field is nonzero, the PreAuthThrottle field is interpreted by the domain client as specified by the PreAuthThrottle field description.

PreAuthMode (4 bytes): A 4-byte unsigned integer; this field specifies the IEEE 802.11i pre-authentication mode that the domain client is to use to invoke any IEEE 802.11i pre-authentication capability while connecting to the wireless network. This value MUST be one of the following:

Value   Meaning
1       IEEE 802.11i pre-authentication is not to be invoked.
2       IEEE 802.11i pre-authentication is to be invoked.

PreAuthThrottle (4 bytes): A 4-byte unsigned integer; this field specifies the IEEE 802.11i pre-authentication throttle, that is, the maximum number of IEEE 802.11i pre-authentication attempts that a domain client can perform while staying associated with an access point. This value MUST be in the range 1–16.

PmkCacheModePresent (4 bytes): A 4-byte unsigned integer specifying the presence or absence of the field describing the IEEE 802.11i PMK caching mode. If this field is 0, the PmkCacheMode field has no defined meaning and is ignored by the domain client. If this field is nonzero, the PmkCacheMode field MUST be interpreted by the domain client as specified in the PmkCacheMode field description.

PmkCacheSizePresent (4 bytes): A 4-byte unsigned integer specifying the presence or absence of the field describing the IEEE 802.11i PMK cache size maximum. If this field is 0, the PmkCacheSize field has no defined meaning and is ignored by the domain client. If this field is nonzero, the PmkCacheSize field is interpreted by the domain client as specified in the PmkCacheSize field description.

PmkCacheTTLSecPresent (4 bytes): A 4-byte unsigned integer specifying the presence or absence of the field describing the IEEE 802.11i PMK cache time to live. If this field is 0, the PmkCacheTTLSec field has no defined meaning and is ignored by the domain client. If this field is nonzero, the PmkCacheTTLSec field is interpreted by the domain client as specified in the PmkCacheTTLSec field description.

PmkCacheMode (4 bytes): A 4-byte unsigned integer; this field specifies the mode that the domain client is to use for IEEE 802.11i PMK caching capability (as specified in [IEEE802.11i]) while connecting to a network. This value MUST be one of the following:

Value   Meaning
1       IEEE 802.11 PMK caching is not to be invoked.
2       IEEE 802.11 PMK caching is to be invoked.

PmkCacheSize (4 bytes): A 4-byte unsigned integer; this field specifies the maximum number of entries that a domain client can maintain while performing IEEE 802.11i PMK caching (as specified in [IEEE802.11i]) for a wireless network. This field MUST be in the range 16–255.

PmkCacheTTLSec (4 bytes): A 4-byte unsigned integer; this field MUST specify, in seconds, the maximum lifetime of PMK cache entries that a domain client is to maintain while performing IEEE 802.11i PMK caching (as specified in [IEEE802.11i]) for a wireless network. This field MUST be in the range 300–86,400.
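
The following is an added example, not part of the specification: a bounds-checked parser for this layout that also reports violations of the MUST value constraints above, honoring the *Present flags. It assumes little-endian integers, UTF-16LE text, DescriptionLen counted in UTF-16 code units, and no padding after the variable fields (none of which this page states); the dictionary keys are shortened forms of the field names, and build_sample produces constructed input.

```python
import io, struct

# Assumptions not stated on this page: little-endian integers, UTF-16LE text,
# DescriptionLen counted in UTF-16 code units, no padding after variable fields.
HEAD = ("SSIDLength Encryption ProfileIndex Authentication AutomaticKeyProvision "
        "NetworkType Enable8021x SupplicantMode EAPType EAPDataLen").split()
MID = ("MachineAuthentication MachineAuthenticationType GuestAuthentication "
       "MaxStart StartPeriod AuthPeriod HeldPeriod DescriptionLen").split()
TAIL = ("PreferredSettingFlags PreAuthModePresent PreAuthThrottlePresent "
        "PreAuthMode PreAuthThrottle PmkCacheModePresent PmkCacheSizePresent "
        "PmkCacheTTLSecPresent PmkCacheMode PmkCacheSize PmkCacheTTLSec").split()
# field -> allowed values, taken from the MUST rules in the field descriptions
RULES = {"SSIDLength": range(33), "Encryption": range(4), "NetworkType": {1, 2},
         "Authentication": {0, 1, 3, 4, 5, 6}, "SupplicantMode": {1, 2, 3},
         "MachineAuthenticationType": {0, 1, 2}, "PreferredSettingFlags": {0, 1},
         "PreAuthMode": {1, 2}, "PreAuthThrottle": range(1, 17),
         "PmkCacheMode": {1, 2}, "PmkCacheSize": range(16, 256),
         "PmkCacheTTLSec": range(300, 86401)}

def parse_profile_v3(buf):
    """Return (fields, violated field names); ValueError if a length overruns buf."""
    r, out = io.BytesIO(buf), {}
    def take(n):  # EAPDataLen and DescriptionLen are untrusted lengths
        data = r.read(n)
        if len(data) != n:
            raise ValueError(f"field at offset {r.tell() - len(data)} needs {n} bytes")
        return data
    def dwords(names):
        out.update(zip(names, struct.unpack(f"<{len(names)}I", take(4 * len(names)))))
    ssid_raw = take(64)
    dwords(HEAD)
    out["EAPData"] = take(out["EAPDataLen"])
    dwords(MID)
    out["Description"] = take(2 * out["DescriptionLen"]).decode("utf-16-le", "replace")
    dwords(TAIL)
    n = min(out["SSIDLength"], 32)  # never slice past the fixed 64-byte array
    out["SSID"] = ssid_raw[:2 * n].decode("utf-16-le", "replace")
    # A field gated by a zero <name>Present flag has no defined meaning: skip it.
    bad = [k for k, ok in RULES.items()
           if out.get(k + "Present", 1) and out[k] not in ok]
    return out, bad + (["SSID padding"] if any(ssid_raw[2 * n:]) else [])

def build_sample(ttl=3600, eap_len=2):  # constructed profile, not captured data
    pack = lambda *v: struct.pack(f"<{len(v)}I", *v)
    return ("Corp".encode("utf-16-le").ljust(64, b"\0")
            + pack(4, 3, 0, 5, 1, 2, 1, 3, 13, eap_len) + b"\x01\x02"
            + pack(1, 1, 0, 3, 60, 18, 1, 2) + "HQ".encode("utf-16-le")
            + pack(0, 1, 1, 2, 3, 1, 1, 1, 2, 128, ttl))
```

ProfileIndex is not range-checked here because its upper bound, NumberOfWirelessProfileSettings, lives in the enclosing Wireless Policy Data packet.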