One of the new additions to Config Manager SP2 is native support of wireless access for managing clients with AMT.  Microsoft has built in support for configuring enterprise level wireless profiles such as WPA2-Enterprise.  These are wireless profiles that support RADIUS authentication using an authentication server to decide whether or not a given client is allowed to access the network.  Config Manager SP2 does not support wireless profiles that use pre-shared keys (PSK).  If you use security standards like WPA2-PSK/WPA2-Personal in your environment you will need to use the scripting framework tool to generate a script that can configure this option outside of Config Manager.

 

Mohan Veeramachaneni has put together several guides that explain how to configure the back-end RADIUS authentication components and access point configuration.

Cisco ACS

Configure Cisco ACS Server for Navigating Secure Networks with AMT/vPro

Microsoft NPS

Simple Configuration of Microsoft NPS as Radius for 802.1X - Part 1

Simple Configuration of Microsoft NPS as Radius for 802.1X - Part 2

Microsoft IAS

Step-by-step Guide for Navigating Secure Networks (802.1x) with Intel® AMT™ using Microsoft® SCCM SP1 & Microsoft® Radius (IAS)

Matt Royer has a blog entry that covers wireless profile management in Config Manager SP2.  The process he outlines is still the same in the release version of SP2.

http://communities.intel.com/community/openportit/vproexpert/microsoft-vpro/blog/2009/06/05/a-closer-look-at-sccm-sp2-beta-oob-wireless-management-wireless-profile-management

 

Key things to remember about wireless management with Config Manager

  • Config Manager will not update a wireless profile that is currently in use.
  • Config Manager now uses DNS entries to resolve client names.  You may run into a case where a client has switched between a wired or wireless connection and AMT is temporarily inaccessible due to delays in DNS update propagation.  DNS caching on your Config Manager server can also cause this to occur.  You can try running the “ipconfig /flushdns” command from a command prompt to clear the local DNS cache on your Config Manager server.
  • Launching a Serial-over-LAN session over a wireless connection while the client’s OS is using that same connection will cause the wireless network to be cut off to the OS.
    Last Reviewed: 9/26/2012