I'm following the instructions you gave in the Windows & .NET Magazine
article "A Secure Wireless Network Is Possible" (May 2004, InstantDoc ID 42273).
I ran into a snag when I was adding a new Remote Access Policy (RAP) in the
Internet Authentication Service (IAS). The wizard asks which authentication
method I want to require for this RAP, which is Protected Extensible Authentication
Protocol (PEAP), but when I click Configure, I see the following message: "A
certificate could not be found that can be used with this Extensible Storage
Protocol." I followed your instructions step by step but can't get beyond this
message. Can you help? I'm using Windows Server 2003, Standard Edition.
Although you're using PEAP (which is password-based authentication), your
IAS server still requires a certificate for authenticating itself to wireless
clients. If you already have Certificate Services running on another server
in your domain, you can request a certificate from that Certificate Authority
(CA). For instance, if your CA is named WIN21, run mmc.exe from your IAS server
and load the Microsoft Management Console (MMC) Certificates snap-in. When MMC
asks who you want to manage certificates for, select Computer account, then
Local computer. After the Certificates snap-in has loaded, right-click Certificates
(Local Computer)\Personal and select All Tasks\Request New Certificate. When
prompted for certificate type, select Computer and accept all defaults until
your request is processed. You should now have a certificate in your IAS server
s local store that will be trusted by client computers. If you don't already
have Certificate Services installed, you can install it on your IAS server,
which automatically creates a certificate that you can use when you create the
RAP. When you install Certificate Services, Windows will ask you whether you
want to install Certificate Services as an enterprise CA or standalone CA. Choose
enterprise CA because enterprise CAs are automatically trusted by every computer
in the domain.