Точка доступа windows server

По умолчанию во всех версиях Windows Server 2022/2016/2016/2012R2 отключена поддержка беспроводных WiFi сетей. Если вы подключите сетевой адаптер Wi-Fi (USB или PCI) к хосту с Windows Server, вы просто не сможете включить его в панели управления. В этой небольшой заметке я покажу, как включить поддержку Wi-Fi в Windows Server.

Подключите физический Wi-Fi адаптер к хосту Windows Server и установите драйвера. Убедитесь, что адаптер появился в диспетчере устройств (
devmgmt.msc
) в секции Network Adapters.

Откройте консоль PowerShell с правами администратора и убедитесь, что компонент Wireless LAN Service не установлен.

Get-WindowsFeature *Wireless*

Картинка с сайта: winitpro.ru

Чтобы установить компонент или роль Windows Server воспользуйтесь PowerShell командой Install-WindowsFeature:

Install-WindowsFeature -Name Wireless-Networking

Картинка с сайта: winitpro.ru

Или установите компонент Wireless LAN Service с помощью Server Manager (Add Roles and Features -> Features).

Картинка с сайта: winitpro.ru

После завершения установки компонента нужно перезагрузить хост:

shutdown –f –r –t 0

После перезагрузки в Windows появится служба Wireless LAN Service (WLAN AutoConfig), но по умолчанию она отключена. Чтобы включить службу Windows и настроить ее на автоматический запуск, выполните:

Set-Service WlanSvc –startuptype automatic –passthru
Start-Service WlanSvc –PassThru

Теперь перейдите в центр управления сетями в Панели управления (
ncpa.cp
l) и включите Wi-Fi адаптер вручную (Правой кнопкой -> Enabled).

Картинка с сайта: winitpro.ru

Теперь вы можете подключиться к Wi-Fi сети (уровень сигнала Wi-Fi доступных точек доступа можно получить с помощью PowerShell) или даже сделать точку доступа на базе вашего Windows Server.

Данная инструкция проверена на Windows Server 2019. В Server Core 2022 роль Wireless-Networking удалена, поэтому в Server Core настроить сеть на Wi-Fi не удастся.

Лицензионный ключ активации Windows Server 2025 от

Распознавание голоса и речи на C#

UnmanagedCoder 05.05.2025

Интеграция голосового управления в приложения на C# стала намного доступнее благодаря развитию специализированных библиотек и API. При этом многие разработчики до сих пор считают голосовое управление. . .

Реализация своих итераторов в C++

NullReferenced 05.05.2025

Итераторы в C++ — это абстракция, которая связывает весь экосистему Стандартной Библиотеки Шаблонов (STL) в единое целое, позволяя алгоритмам работать с разнородными структурами данных без знания их. . .

Разработка собственного фреймворка для тестирования в C#

UnmanagedCoder 04.05.2025

C# довольно богат готовыми решениями – NUnit, xUnit, MSTest уже давно стали своеобразными динозаврами индустрии. Однако, как и любой динозавр, они не всегда могут протиснуться в узкие коридоры. . .

Распределенная трассировка в Java с помощью OpenTelemetry

Javaican 04.05.2025

Микросервисная архитектура стала краеугольным камнем современной разработки, но вместе с ней пришла и головная боль, знакомая многим — отслеживание прохождения запросов через лабиринт взаимосвязанных. . .

Шаблоны обнаружения сервисов в Kubernetes

Mr. Docker 04.05.2025

Современные Kubernetes-инфраструктуры сталкиваются с серьёзными вызовами. Развертывание в нескольких регионах и облаках одновременно, необходимость обеспечения низкой задержки для глобально. . .

Создаем SPA на C# и Blazor

stackOverflow 04.05.2025

Мир веб-разработки за последние десять лет претерпел коллосальные изменения. Переход от традиционных многостраничных сайтов к одностраничным приложениям (Single Page Applications, SPA) — это. . .

Реализация шаблонов проектирования GoF на C++

NullReferenced 04.05.2025

«Банда четырёх» (Gang of Four или GoF) — Эрих Гамма, Ричард Хелм, Ральф Джонсон и Джон Влиссидес — в 1994 году сформировали канон шаблонов, который выдержал проверку временем. И хотя C++ претерпел. . .

C# и сети: Сокеты, gRPC и SignalR

UnmanagedCoder 04.05.2025

Сетевые технологии не стоят на месте, а вместе с ними эволюционируют и инструменты разработки. В . NET появилось множество решений — от низкоуровневых сокетов, позволяющих управлять каждым байтом. . .

Создание микросервисов с Domain-Driven Design

ArchitectMsa 04.05.2025

Архитектура микросервисов за последние годы превратилась в мощный архитектурный подход, который позволяет разрабатывать гибкие, масштабируемые и устойчивые системы. А если добавить сюда ещё и. . .

Многопоточность в C++: Современные техники C++26

bytestream 04.05.2025

C++ долго жил по принципу «один поток — одна задача» — как старательный солдатик, выполняющий команды одну за другой. В то время, когда процессоры уже обзавелись несколькими ядрами, этот подход стал. . .

In this post I will show how to set up a RADIUS server on Windows Server 2019 to provide 802.1X Wireless Connections through wireless access points.

Actually I want to set up a RADIUS server for IEEE 802.11 wireless networks, but its nearly the same as for wired (Ethernet) networks besides the NAS Port Type (type of media used) is IEEE 802.11 wireless instead of wired Ethernet.

IEEE 802.1X is an IEEE Standard for port-based Network Access Control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.
Source: https://en.wikipedia.org/wiki/IEEE_802.1X
https://en.wikipedia.org/wiki/IEEE_802

Set up the Network Policy and Access Services (NPAS) Server Role

Microsoft’s implementation of a Remote Authentication Dial-In User Service (RADIUS) server is for Windows Server operating systems later than Windows Server 2003 the Network Policy and Access Services (NPAS) server role.

NPAS replaces the Internet Authentication Service (IAS) from Windows Server 2003.
Source: https://en.wikipedia.org/wiki/Network_Policy_Server

So first I will install the Network Policy and Access Services (NPAS) server role either on a domain controller or member server.

Now as the Network Policy and Access Services (NPAS) server role is installed you will have a new console named Network Policy Server.

Open the Network Policy Server console and select the RADIUS server for 802.1X Wireless or Wired Connections template to configure NPS by using the wizard.

Click on Configure 802.1X to start the wizard.

Select Secure Wireless Connections

Here I need to add all my WLAN access points as RADIUS clients.

• Friendly name
• IP address or FQDN
• Shared secret
  Use a unique RADIUS shared secret for each wireless AP unless you are planning to configure APs as RADIUS Clients in NPS by group. If you plan to configure APs by group in NPS, the shared secret must be the same for every member of the group. In addition, each shared secret you use should be a random sequence of at least 22 characters that mixes uppercase and lowercase letters, numbers, and punctuation.
  Source: https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/cncg/wireless/e-wireless-access-deployment#to-configure-your-wireless-aps

Configure an Authentication Method

For authentication I will use the Protected EAP (PEAP) protocol.

Click on Configure to select a certificate to prove the identity of the RADIUS server to the clients. You can use here the default computer certificate from your internal PKI.

The clients needs to trust that certificate, otherwise the user’s wont be able to connect to the wireless network.

It then creates an encrypted TLS tunnel between the client and the authentication server. In most configurations, the keys for this encryption are transported using the server’s public key. The ensuing exchange of authentication information inside the tunnel to authenticate the client is then encrypted and user credentials are safe from eavesdropping.

Simplifying WPA2-Enterprise and 802.1x

Client / Supplicant
In order for a device to participate in the 802.1x authentication, it must have a piece of software called a supplicant installed in the network stack. The supplicant is necessary as it will participate in the initial negotiation of the EAP transaction with the switch or controller and package up the user credentials in a manner compliant with 802.1x. If a client does not have a supplicant, the EAP frames sent from the switch or controller will be ignored and the switch will not be able to authenticate.

Fortunately, almost all devices we might expect to connect to a wireless network have a supplicant built-in. SecureW2 provides a 802.1x supplicant for devices that don’t have one natively.

Thankfully, the vast majority of device manufacturers have built-in support for 802.1x. The most common exceptions to this might be consumer gear, such as game consoles, entertainment devices or some printers. Generally speaking, these devices should be less than 10% of the devices on your network and are best treated as the exception rather than the focus.

Switch / Access Point / Controller
The switch or wireless controller plays an important role in the 802.1x transaction by acting as a ‘broker’ in the exchange. Until a successful authentication, the client does not have network connectivity, and the only communication is between the client and the switch in the 802.1x exchange.

The switch/controller initiates the exchange by sending an EAPOL-Start packet to the client when the client connects to the network. The client’s responses are forwarded to the correct RADIUS server based on the configuration in the Wireless Security Settings. When the authentication is complete, the switch/controller makes a decision whether to authorize the device for network access based on the user’s status and possibly the attributes contained in the Access_Accept packet sent from the RADIUS server.

Successful mutual PEAP-MS-CHAP v2 authentication has two main parts:

• The client authenticates the NPS. During this phase of mutual authentication, the NPS sends its server certificate to the client computer so that the client can verify the NPS’s identity with the certificate. To successfully authenticate the NPS, the client computer must trust the CA that issued the NPS certificate. The client trusts this CA when the CA’s certificate is present in the Trusted Root Certification Authorities certificate store on the client computer.
• The NPS authenticates the user. After the client successfully authenticates the NPS, the client sends the user’s password-based credentials to the NPS, which verifies the user’s credentials against the user accounts database in Active Directory Domain Services (AD DS).

If the credentials are valid and authentication succeeds, the NPS begins the authorization phase of processing the connection request. If the credentials are not valid and authentication fails, NPS sends an Access Reject message and the connection request is denied.

The behavior requiring the client to validate the server certificate can be disabled, but disabling server certificate validation is not recommended in production environments.

Source: https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/cncg/wireless/a-deploy-8021x-wireless-access#authentication

The server running NPS performs authorization as follows:

• NPS checks for restrictions in the user or computer account dial-in properties in AD DS. Every user and computer account in Active Directory Users and Computers includes multiple properties, including those found on the Dial-in tab. On this tab, in Network Access Permission, if the value is Allow access, the user or computer is authorized to connect to the network. If the value is Deny access, the user or computer is not authorized to connect to the network. If the value is Control access through NPS Network Policy, NPS evaluates the configured network policies to determine whether the user or computer is authorized to connect to the network.
• NPS then processes its network policies to find a policy that matches the connection request. If a matching policy is found, NPS either grants or denies the connection based on that policy’s configuration.

If both authentication and authorization are successful, and if the matching network policy grants access, NPS grants access to the network, and the user and computer can connect to network resources for which they have permissions.

Source: https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/cncg/wireless/a-deploy-8021x-wireless-access#authorization

Keep in mind regarding the communication between the NPS server and client as described in both Microsoft articles about authentication and authorization above.

As mentioned further above in the great article from SECUREW2, the client cannot communicate directly with the RADIUS server to authenticate himself and the server, as it does not have network connectivity until a successful authentication. The communication between the client and RADIUS server is established through the access points (switches for wired networks), which will acting as a broker in the exchange between both.

Adding Users to allow access for the Network

Here I will add all groups which are allowed to access the network through my wlan access points.

For computer authentication you should create a security group which includes all computer accounts they should be able to authenticate against NPS and add it to your network policy (Conditions tab) as windows group. NPS uses then this policy to authorize the connection request.

Further each of those computers needs a computer certificate installed from your internal PKI (CA), which is by default published to the Enterprise NTAuth store.

The computers wlan profile also needs to be configured to enable computer authentication, I will show this further below in the section about configuring a group policy.

Btw. you can also use certificates from a third-party CA, but in that case you need to import the CA certificate into your Enterprise NTAuth store and the computer certificate needs to mapped to the computer account in Active Directory. About how you will find in the following article from Microsoft:
https://docs.microsoft.com/en-us/troubleshoot/windows-server/windows-security/import-third-party-ca-to-enterprise-ntauth-store

The Enterprise NTAuth store is used by your Active Directory domain to determine which certification authorities to trust for issuing certificates that are used to authenticate and authorize a user or computer.

To check which CAs are stored in the Enterprise NTAuth store, you can use the PKI Tool (PKIVIEW). On your CA server open the tool pkiview.msc, right click on Enterprise PKI and select Manage AD Containers… . Here you will see in the tab NTAuthCertificates which CAs are still trusted.

Configure Traffic Controls (RADIUS tunnel attributes)

In the next dialog you can configure traffic control attributes (RADIUS tunnel attributes) to allow and deny traffic to user’s based on their assigned VLANs.

You can change all of theses settings later directly in the NPS console.

Here you can modify the RADIUS clients.

The wizard will create a Connection Request Policy and a Network Policy.

Connection Request Policies
https://docs.microsoft.com/en-us/windows-server/networking/technologies/nps/nps-crp-crpolicies

Connection request policies are sets of conditions and settings that allow network administrators to designate which Remote Authentication Dial-In User Service (RADIUS) servers perform the authentication and authorization of connection requests that the server running Network Policy Server (NPS) receives from RADIUS clients. Connection request policies can be configured to designate which RADIUS servers are used for RADIUS accounting.

By default the wizard will set to process the authentication request locally on the server.

Network Policy

You can also configure Accounting for the NPS server.

Configure Network Policy Server Accounting
https://docs.microsoft.com/en-us/windows-server/networking/technologies/nps/nps-accounting-configure

The wizard created our Network Policy and we do not need to change here anything.

By adding Windows Groups, it doesn’t matter if they were local groups on the server itself or domain groups, NPS will process both of them.

As mentioned further above you can use here the default computer certificate on the NPS server from your internal PKI.

The clients needs to trust that certificate, otherwise the user’s wont be able to connect to the wireless network.

It then creates an encrypted TLS tunnel between the client and the authentication server. In most configurations, the keys for this encryption are transported using the server’s public key. The ensuing exchange of authentication information inside the tunnel to authenticate the client is then encrypted and user credentials are safe from eavesdropping.

Configure your WLAN Access Points

On the wlan access points we have to configure the IP address from the NPS (RADIUS) server, port and shared secret.

For my access points I will use here from Netgear the WAX218 WiFi 6 WLAN Access Point which is cost effective and intended for heavy internet traffic plus supports a huge amount of connected devices up to 256. This model is meanwhile discontinued by Netgear but a similar model is still available with the WAX620.

The Radius Port for authentication by default is UDP 1812 or 1645.

Further we need to select a security mode our access points will use to authenticate users or devices (computer authentication as mentioned further above). When using a RADIUS server we want that users authenticate themselves by using their username and password for the network, therefore we need to select WPA2 or WPA3-Enterpise, also for computer authentication.

Keep in mind that even in the year 2022 not all devices support WPA3.

You can check the ports in the NPS console by right clicking on NPS(Local) and select properties. Here within the tab Ports, you can see on what ports the NPS server is listening for authentication and if used accounting.

The Radius Port for accounting by default is UDP 1813 or 1646.

Optionally we can also configure Radius Accounting as mentioned.

The RADIUS server also collects a variety of information sent by the NAS that can be used for accounting and for reporting on network activity. The RADIUS client sends information to designated RADIUS servers when the User logs on and logs off. The RADIUS client may send additional usage information on a periodic basis while the session is in progress. The requests sent by the client to the server to record logon/logoff and usage information are generally called accounting requests.

For more information on RADIUS accounting, see RFC 2866.

Source: https://learn.microsoft.com/en-us/windows/win32/nps/ias-radius-authentication-and-accounting

Configure Wireless Network (IEEE 802.11) Policies | Wi-Fi profiles

You can configure group policies in your network to define preferred networks and settings for the WLAN connection to your clients.

To activate default Wireless Network (IEEE 802.11) Policies
https://docs.microsoft.com/en-us/windows-server/networking/core-network-guide/cncg/wireless/e-wireless-access-deployment#to-activate-default-wireless-network-ieee-80211-policies

Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Wireless Network (IEEE 802.11) Policies

Clients should connect automatically to this network when it is in range.

For the network authentication method I have to select Protected EAP (PEAP) as used on the NPS server and for the authentication mode I will use User or Computer authentication.

Even the most common method of authentication with PEAP-MSCHAPv2 is user auth, in which clients are prompted to enter their domain credentials, the Windows NPS server role also supports computer authentication by using the PEAP-MSCHAPv2 protocol.

In order to use computer authentication, you also have to install a computer certificate on the clients and issued from your internal PKI as mentioned further above.

For computer authentication you can configure certificate auto-enrollment for the client computers as shown in my following post: https://blog.matrixpost.net/configure-certificate-auto-enrollment/

In the advanced settings you can enable single sign-on for the wireless network, by checking this your password to logon to your computer will also be passed and used to establish the wireless connection with the access points.

Further if you select Perform immediately before User Logon as show in the figure below, the computer will first try to connect to the wireless access points when the user is entering its password and then subsequently will get logged on to its computer after the wireless connection is established.

In case computer authentication will be performed, the computer already connects at the logon screen to the network, as it doesn’t matter which user will get logged on.

Therefore in both cases the computer can perform a network login against the domain controllers and logon scripts and group policies will be applied to the computer.

If the wireless connection couldn’t be established, the user will get logged on to its computer by using the local cached credentials as usual but without processing the logon scripts and applying the group policies from the domain controller.

At the logon screen you will see the wireless network to which Windows tries to connect after providing your password for the logon.

User vs. Machine Authentication
The most common method of authentication with PEAP-MSCHAPv2 is user auth, in which clients are prompted to enter their domain credentials. It is also possible to configure RADIUS for machine authentication, in which the computers themselves are authenticated against RADIUS, so the user doesn’t need to provide any credentials to gain access. Machine auth is typically accomplished using EAP-TLS, though some RADIUS server options do make it simple to accomplish machine auth using PEAP-MSCHAPv2 (including Windows NPS, as outlined in the example config below).

The following example configuration outlines how to set up Windows NPS as a RADIUS server, with Active Directory acting as a userbase:

Add the Network Policy Server (NPS) role to Windows Server.
Add a trusted certificate to NPS.
Add APs as RADIUS clients on the NPS server.
Configure a policy in NPS to support PEAP-MSCHAPv2.
(Optional for machine auth) Deploy PEAP-MSCHAPv2 wireless network settings to domain member computers using Group Policy.

Source: https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_with_WPA2-Enterprise

Create Wi-Fi profiles using the System Center Configuration Manager (SCCM) or Microsoft Intune.

You can also use SCCM or Microsoft Intune to configure Wi-Fi profiles. This topic is well documented from Microsoft in the following articles.

Manage Wi-Fi profiles on local computer by using the netsh command

You can also use the netsh command line tool to manage the Wi-Fi profiles on a local computer.

• netsh wlan show profile -> list profiles located on the local computer
• netsh wlan show profiles interface=”wi-fi” -> list profile for specific interface
• netsh wlan show drivers -> list driver information about the wireless adapter
• netsh wlan show wirelesscapabilities -> list capabilities of the wireless adapter
• netsh wlan show interfaces -> list all wireless interfaces on the local computer
• netsh wlan show profile name=”myAP” key=clear -> will display the security key in plaintext
• netsh wlan set profileparameter name=”myAP” connectionmode=manual -> will disable connect automatically
• netsh wlan set profileparameter name=”myAP” connectionmode=auto -> will enable connect automatically
• netsh wlan delete profile name=”myAP” -> will delete the myAP wlan profile
• netsh wlan delete profile name=* -> will delete all wlan profiles on the local computer
• netsh wlan export profile name=”WiFiNetwork” key=clear folder=”C:path” key=clear -> Export a wlan profile
• netsh wlan add profile filename=”C:pathprofileFile.xml” user=all -> Import a wlan profile for all user’s -> user=current only for the current user
• netsh wlan show wlanreport -> will create a wireless adapter report will ->
  Analyze the wireless network report
  https://support.microsoft.com/en-us/windows/analyze-the-wireless-network-report-76da0daa-1db2-6049-d154-7bb679eb03ed

Troubleshooting

In case something went wrong and your clients won’t connect to the the wireless network, you can investigate several logs to get more details about the problem.

You can search in two locations for logs to investigate the reason why clients can’t connect to the network.

For general configuration problems between the NPS server and the RADIUS clients, you can investigate the Event Viewer.

Custom Views -> Server Roles -> Network Policy and Access Services

For problems regarding authentication from the user’s itself, you should use the Accounting logs. Here you can see the default path from them.

To investigate them I would suggest to use a specific log viewer like the IAS Log Viewer from DeepSoftware LLC. You can use this viewer also to investigate VPN logging from the Windows Routing and Remote Access servers.

IAS Log Viewer
https://www.deepsoftware.com/iasviewer/

IAS_SUCCESS -> the user or computer authenticated successfully against the NPS server, formerly Internet Authentication Service (IAS)

NPAS replaces the Internet Authentication Service (IAS) from Windows Server 2003.
Therefore you will see IAS_SUCCESS messages in the logs from NPS.
Source: https://en.wikipedia.org/wiki/Network_Policy_Server

Reason for rejecting a user. Can be:

Field (26) Reason-Code Number

• 0 = IAS_SUCCESS
• 1 = IAS_INTERNAL_ERROR
• 2 = IAS_ACCESS_DENIED
• 3 = IAS_MALFORMED_REQUEST
• 4 = IAS_GLOBAL_CATALOG_UNAVAILABLE
• 5 = IAS_DOMAIN_UNAVAILABLE
• 6 = IAS_SERVER_UNAVAILABLE
• 7 = IAS_NO_SUCH_DOMAIN
• 8 = IAS_NO_SUCH_USER
• 16 = IAS_AUTH_FAILURE
• 17 = IAS_CHANGE_PASSWORD_FAILURE
• 18 = IAS_UNSUPPORTED_AUTH_TYPE
• 32 = IAS_LOCAL_USERS_ONLY
• 33 = IAS_PASSWORD_MUST_CHANGE
• 34 = IAS_ACCOUNT_DISABLED
• 35 = IAS_ACCOUNT_EXPIRED
• 36 = IAS_ACCOUNT_LOCKED_OUT
• 37 = IAS_INVALID_LOGON_HOURS
• 38 = IAS_ACCOUNT_RESTRICTION
• 48 = IAS_NO_POLICY_MATCH
• 64 = IAS_DIALIN_LOCKED_OUT
• 65 = IAS_DIALIN_DISABLED
• 66 = IAS_INVALID_AUTH_TYPE
• 67 = IAS_INVALID_CALLING_STATION
• 68 = IAS_INVALID_DIALIN_HOURS
• 69 = IAS_INVALID_CALLED_STATION
• 70 = IAS_INVALID_PORT_TYPE
• 71 = IAS_INVALID_RESTRICTION
• 80 = IAS_NO_RECORD
• 96 = IAS_SESSION_TIMEOUT
• 97 = IAS_UNEXPECTED_REQUEST

Source: https://www.radiusreporting.com/IAS-DB-Attribute-Format-Table.html

EAP authentication exchange for wireless clients through the access point and RADIUS server stuck by using a route-based IPSec in pfSense during the SSL handshake and here exactly after the Client Hello

If you ran into that issue, you can read my following post about how to set up a lean Branch Office Network without any Servers and DCs inside by using an IPSec S2S VPN Tunnel connected with the Headquarters Network.

Links

Время от времени возникает необходимость подключения серверной операционной системы Windows к беспроводной сети. На первый взгляд задача элементарная: подключил адаптер, поставил драйвер… Однако ее практическая реализация способна вызвать нешуточные сложности. Мы уже готовы услышать привычные сетования в адрес компании Microsoft, но на самом деле все довольно просто и логично, единственное, что можно поставить в упрек разработчику, так это неинформативное поведение системы в данной ситуации, на наш взгляд вполне можно было бы добавить подсказки или отразить событие в логах.

Онлайн-курс по устройству компьютерных сетей
На углубленном курсе «Архитектура современных компьютерных сетей» вы с нуля научитесь работать с Wireshark и «под микроскопом» изучите работу сетевых протоколов. На протяжении курса надо будет выполнить более пятидесяти лабораторных работ в Wireshark.

Начнем с того, что обозначенная в заголовке задача для серверных систем довольно нетипична, но иногда такая потребность все-таки появляется. Решается она тоже просто, покупкой нужного беспроводного адаптера. В общем все идет достаточно привычно, до тех пор, пока вы не попытаетесь подключиться к беспроводной сети. В этот момент выяснится, что сервер не видит не одной сети, а сам адаптер находится в состоянии Отключено.

Картинка с сайта: interface31.ru

Попытка включить его не приводит к успеху, адаптер делает попытку включиться, но тут же снова переходит в отключенное состояние. При этом система не выдает никаких сообщений и не делает никаких записей в журналах событий.

Внешне ситуация выглядит как некая несовместимость и на поиск «подходящего» драйвера можно потратить достаточно много времени или, решив, что проблема с адаптером, даже купить новый, с таким же эффектом. Поэтому не спешите тратить время и деньги, давайте лучше разберемся в ситуации.

Как мы уже говорили, данная задача для серверного применения нетипична, поэтому, следуя общей тенденции развития серверных операционных систем Microsoft, данная возможность была оформлена в виде отдельной компоненты, которая по умолчанию не установлена.

В целом такое решение разработчиков логично и правильно, меньше неиспользуемых служб — меньше потребляемых ресурсов, меньше возможных уязвимостей. С другой стороны, добавить какие-либо подсказки или записывать в журнал событие с ошибкой все-таки стоило бы, иначе для неподготовленного пользователя ситуация выглядит достаточно неоднозначно.

Для того, чтобы Windows Server мог работать с беспроводными сетями следует установить компоненту Служба беспроводной локальной сети, после чего сервер потребуется перезагрузить.

Картинка с сайта: interface31.ru

Казалось бы, проблема решена, но не стоит спешить. После перезагрузки Служба автонастройки WLAN автоматически не запускается, хотя в ее настройках установлен автоматический запуск.

Эта ситуация не является ошибкой и описана в документации, хотя такое поведение службы непонятно. Вам потребуется запустить службу вручную или еще раз перезагрузить сервер. После этого можно включить беспроводной адаптер и подключиться к нужной сети.

Интересно, что если после первой перезагрузки вы вставите новый адаптер, то по завершению установки драйвера служба автоматически запустится. Возможно в связи с этим в некоторых руководствах в сети присутствует рекомендация после добавления компоненты удалить и заново установить драйвер адаптера.

Такой же самый результат можно получить гораздо быстрее используя PowerShell, для этого выполните всего одну простую команду:

Add-WindowsFeature wireless-networking

Картинка с сайта: interface31.ru

После чего точно также потребуется перезагрузить сервер и запустить службу вручную. Быстро это сделать можно еще одной командой:

net start wlansvc

Как видим, для успешного администрирования Windows Server, вопреки расхожему мнению, что в нем все делается интуитивно понятно и мышкой, все-таки желательно знать структуру и базовые принципы устройства системы, что избавит вас от возможных трат впустую времени и денег.

Онлайн-курс по устройству компьютерных сетей
На углубленном курсе «Архитектура современных компьютерных сетей» вы с нуля научитесь работать с Wireshark и «под микроскопом» изучите работу сетевых протоколов. На протяжении курса надо будет выполнить более пятидесяти лабораторных работ в Wireshark.