authEncryption (security) element

Artikkel
06/25/2023

The authEncryption (security) element specifies the authentication and encryption pair to be used for this profile.

<xs:element name="authEncryption"
    minOccurs="0"
 >
    <xs:complexType>
        <xs:sequence>
            <xs:element name="authentication">
                <xs:simpleType>
                    <xs:restriction base="xs:string">
                        <xs:enumeration value="open">
                        <xs:enumeration value="shared">
                        <xs:enumeration value="WPA">
                        <xs:enumeration value="WPAPSK">
                        <xs:enumeration value="WPA2">
                        <xs:enumeration value="WPA2PSK">
                        <xs:enumeration value="WPA3">
                        <xs:enumeration value="WPA3ENT192">
                        <xs:enumeration value="WPA3ENT">
                        <xs:enumeration value="WPA3SAE">
                        <xs:enumeration value="OWE">
                    </xs:restriction>
                </xs:simpleType>
            </xs:element>
            <xs:element name="encryption">
                <xs:simpleType>
                    <xs:restriction base="xs:string">
                        <xs:enumeration value="none">
                        <xs:enumeration value="WEP">
                        <xs:enumeration value="TKIP">
                        <xs:enumeration value="AES">
                        <xs:enumeration value="GCMP256">
                    </xs:restriction>
                </xs:simpleType>
            </xs:element>
            <xs:element name="useOneX"
                minOccurs="0"
                type="boolean"
             />
            <xs:element name="FIPSMode"
                minOccurs="0"
                type="boolean"
             />
            <xs:element name="transitionMode"
                type="boolean"
             />
            <xs:any
                processContents="lax"
                minOccurs="0"
                maxOccurs="unbounded"
                namespace="##other"
             />
        </xs:sequence>
    </xs:complexType>
</xs:element>

Parent elements

security (MSM)

Child elements

Element	Type	Description
authentication		Specifies the authentication method to be used to connect to the wireless LAN.
encryption		Specifies the type of data encryption to use to connect to a wireless LAN.
useOneX	boolean	Indicates whether 802.1X authentication is used.
FIPSMode	boolean	Indicates whether Federal Information Processing Standards (FIPS) mode is enabled.
transitionMode	boolean	Transition mode configuration.

authentication

Specifies the authentication method to be used to connect to the wireless LAN.

Value	Description
open	Open 802.11 authentication.
shared	Shared 802.11 authentication.
WPA	WPA-Enterprise 802.11 authentication.
WPAPSK	WPA-Personal 802.11 authentication.
WPA2	WPA2-Enterprise 802.11 authentication.
WPA2PSK	WPA2-Personal 802.11 authentication.
WPA3	Deprecated (and synonymous with WPA3ENT192). Use WPA3ENT192 instead.
WPA3ENT192	WPA3-Enterprise 192-bit mode authentication.
WPA3ENT	WPA3-Enterprise authentication.
WPA3SAE	WPA3-Simultaneous Authentication of Equals (WPA3-SAE) authentication.
OWE	Opportunistic wireless encryption (OWE) authentication.

For more information about 802.11 authentication methods, see the WPA, 802.1X, and 802.11i specifications.

encryption

Specifies the type of data encryption to use to connect to a wireless LAN.

When the encryption element has a value of WEP, keyType must be set to networkKey.

The AES encryption method is as specified in the 802.1X and 802.11i specifications.

useOneX

Indicates whether 802.1X authentication is used.

FIPSMode

Indicates whether Federal Information Processing Standards (FIPS) mode is enabled. When a wireless connection is operating in FIPS mode, the security level of the connection complies with the FIPS 140-2 standard. For more info about FIPS, see the FIPS Home Page.

This element is optional. If this element isn't specified in a profile, then FIPS mode isn't enabled.

FIPSMode can be set to TRUE only when the following conditions are met:

The connectionType element has a value of ESS (that is, the connection is an infrastructure connection).
The authentication element has a value of WPA2 or WPA2PSK.
The encryption element has a value of AES.

Unlike most elements in the WLAN_profile schema, this element is in the https://www.microsoft.com/networking/WLAN/profile/v2 namespace.

The value of the FIPSMode element is ignored if the miniport driver for the wireless interface doesn't support FIPS mode.

Windows XP with SP3 and Wireless LAN API for Windows XP with SP2: This element isn't supported. If FIPSMode is present in a profile, then the element is ignored.

This parameter can be set at the command line using the netsh wlan set profileparameter command. For more information, see Netsh Commands for Wireless Local Area Network (wlan).

transitionMode

Transition mode configuration.

Examples

To view sample profiles that use the authEncryption element and its child elements, see Wireless profile samples. To view a sample profile that uses the FIPSMode element, see FIPS profile sample.

Requirements

Requirement	Value
Minimum supported client	Windows Vista, Windows XP with SP3 [desktop apps only]
Minimum supported server	Windows Server 2008 [desktop apps only]
Redistributable	Wireless LAN API for Windows XP with SP2

Del via