Validation Rules

  • Article

Note  Wireless Provisioning Services (WPS) is no longer available as of Windows Vista.

 

The following list describes the validation rules for various elements of the WirelessProfile schema:

  • The Version element must be set to 1.

  • The ssid element is a string containing 1-32 characters. It can only occur once within the XML data.

  • The connectionType element must be set to either IBSS or ESS.

  • If the encryption element is not set to None, the XML data must contain a valid networkKey element.

  • If the IEEE802.1XEnabled element is set to 1, the XML data must contain an EAPMethod element. If the IEEE802.1XEnabled element is set to 0, the EAPMethod element must not be specified.

If a networkKey element is present in the XML data, the following rules must be followed:

  • WEP keys are 5 or 13 characters (ASCII) or 10 or 26 characters (hexadecimal).

  • WPAPSK and WPA2PSK keys are 8-63 characters (ASCII) or 64 characters (hexadecimal).

The following table defines the permitted combinations of authentication and encryption methods supported for ESS connection types:

authentication value encryption value

Open

None| WEP

Shared

None| WEP

WPA

TKIP| AES

WPAPSK

TKIP| AES

WPA2

TKIP| AES

WPA2PSK

TKIP| AES

 

The following table defines the permitted combinations of authentication and encryption methods supported for IBSS connection types:

authentication value encryption value

Open

None| WEP

Shared

None| WEP

WPA-NONE

TKIP| AES

 

If the authentication element is set to Open, the following rules must be followed:

  • If the encryption element is set to None, then the keyProvidedAutomatically and IEEE802.1XEnabled elements must be set to 0. Also, the XML data must not contain a networkKey element.

  • If the IEEE802.1XEnabled element is set to 1, then the keyProvidedAutomatically element must be set to 1. Also, the XML data must not contain a networkKey element.

If the authenticationelement is set to Shared, the following rules must be followed:

  • If the encryption element is set to None, then the keyProvidedAutomatically and IEEE802.1XEnabled elements must be set to 0. However, the XML data may contain a networkKey element.

  • If the IEEE802.1XEnabled element is set to 1, then the keyProvidedAutomatically must be set to 1. Also, the XML data may contain a networkKey element.

If the authentication element is set to WPA or WPA2, the following rules must be followed:

  • The connectionType element must be set to ESS.

  • The encryption element must be set to either TKIP or AES.

  • The IEEE802.1XEnabled element must be set to 1.

  • The keyProvidedAutomatically must be set to 1.

  • A networkKey element must not be present in the XML data.

If the authentication element is set to WPAPSK or WPA2PSK, the following rules must be followed:

  • The connectionType element must be set to ESS.

  • The encryption element must be set to either TKIP or AES.

  • The IEEE802.1XEnabled element must be set to 0.

  • The keyProvidedAutomatically must be set to 0.

  • A valid networkKey element must be present in the XML data.

If the authentication element is set to WPA-NONE, the following rules must be followed:

  • The connectionType element must be set to IBSS,

  • The encryption element must be set to either TKIP or AES.

  • The IEEE802.1XEnabled element must be set to 0.

  • The keyProvidedAutomatically must be set to 0.

  • A valid networkKey element must be present in the XML data.

Note   The EAP methods supported in Windows XP with SP2 and Windows Server 2003 with SP1 are EAP-TLS and PEAP. 802.1X profiles created using this schema will use the default configuration parameters for these methods.

Authentication modes of WPA2 and WPA2PSK are currently not supported in Windows XP with SP2 and Windows Server 2003 with SP1.

 

 

 

Send comments about this topic to Microsoft