I'm following the instructions you gave in the Windows & .NET Magazine article "A Secure Wireless Network Is Possible" (May 2004, InstantDoc ID 42273). I ran into a snag when I was adding a new Remote Access Policy (RAP) in the Internet Authentication Service (IAS). The wizard asks which authentication method I want to require for this RAP, which is Protected Extensible Authentication Protocol (PEAP), but when I click Configure, I see the following message: "A certificate could not be found that can be used with this Extensible Storage Protocol." I followed your instructions step by step but can't get beyond this message. Can you help? I'm using Windows Server 2003, Standard Edition.
Although you're using PEAP (which is password-based authentication), your IAS server still requires a certificate for authenticating itself to wireless clients. If you already have Certificate Services running on another server in your domain, you can request a certificate from that Certificate Authority (CA). For instance, if your CA is named WIN21, run mmc.exe from your IAS server and load the Microsoft Management Console (MMC) Certificates snap-in. When MMC asks who you want to manage certificates for, select Computer account, then Local computer. After the Certificates snap-in has loaded, right-click Certificates (Local Computer)\Personal and select All Tasks\Request New Certificate. When prompted for certificate type, select Computer and accept all defaults until your request is processed. You should now have a certificate in your IAS server s local store that will be trusted by client computers. If you don't already have Certificate Services installed, you can install it on your IAS server, which automatically creates a certificate that you can use when you create the RAP. When you install Certificate Services, Windows will ask you whether you want to install Certificate Services as an enterprise CA or standalone CA. Choose enterprise CA because enterprise CAs are automatically trusted by every computer in the domain.