Microsoft KB Archive/935432

= A Windows XP-based portable computer cannot use the Wireless Zero Configuration service to connect to a wireless network =

Article ID: 935432

Article Last Modified on 4/25/2007

-

APPLIES TO


 * Microsoft Windows XP Professional
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Datacenter Server
 * Microsoft Windows Server 2003, Web Edition
 * Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
 * Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)

-



SYMPTOMS
A Microsoft Windows XP-based portable computer cannot use the Wireless Zero Configuration service to connect to a wireless network. This behavior occurs if the following conditions are true:
 * You have an autoenrollment policy on the Windows XP-based computer.
 * The certificates expire after four weeks. The Group Policy object (GPO) sends a new certificate every three weeks.
 * The certificate is sent successfully, and you see the new certificate on the computer.

Every time that a new certificate is sent to the computer, the computer cannot connect to the wireless network. Typically, this behavior occurs with the following kinds of certificates:
 * A certificate that has the same key
 * A certificate that has a new key
 * A certificate renewal
 * A request for a new certificate

This problem may also occur on a Microsoft Windows Server 2003-based portable computer and on a Microsoft Windows 2000 Server-based portable computer.



CAUSE
This problem occurs because the Wireless Zero Configuration service does not recognize the correct certificate. If you request a certificate manually or by using an autoenrollment policy, the Wireless Zero Configuration service does not obtain the correct certificate.



RESOLUTION
To resolve this problem, delete the archived certificates from the Certificate store. To do this, follow these steps:  Start Notepad. To do this, click Start, click Run, type notepad.exe, and then click OK.  Copy and then paste the following code into a new Notepad document. ' ' CAPICOM Constants Const CAPICOM_LOCAL_MACHINE_STORE = 1 Const CAPICOM_CURRENT_USER_STORE = 2 Const CAPICOM_MY_STORE = &quot;MY&quot; Const CAPICOM_STORE_OPEN_READ_WRITE = 1 Const CAPICOM_STORE_OPEN_INCLUDE_ARCHIVED = 256

'Set objArgs=WScript.Arguments 'strServerName = objArgs(0) Dim OID Set OID = WScript.CreateObject(&quot;CAPICOM.OID&quot;)

'=========== capicom local machine MY store certificates ==============

' Open the store. Set Store = WScript.CreateObject(&quot;CAPICOM.Store&quot;) Store.Open CAPICOM_LOCAL_MACHINE_STORE, CAPICOM_MY_STORE, CAPICOM_STORE_OPEN_READ_WRITE Or CAPICOM_STORE_OPEN_INCLUDE_ARCHIVED Set Certificates = Store.Certificates

Store.Open CAPICOM_CURRENT_USER_STORE, CAPICOM_MY_STORE, CAPICOM_STORE_OPEN_READ_WRITE Or CAPICOM_STORE_OPEN_INCLUDE_ARCHIVED Set Certificates = Store.Certificates

For Each Certificate In Certificates

certDate = Certificate.ValidToDate curDateTime = Date & &quot; &quot; & Time

DIFF = DateDiff(&quot;s&quot;,curDateTime,CertDate) If Diff > 0 then Else Store.Remove Certificate end if Next Next  Save the file as Scripts.vbs. Download the Capicom.dll file.

The following file is available for download from the Microsoft Download Center:

Download the Capicom.dll package now.

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file. Save the Capicom.dll file in the following folder:

C:\WINDOWS\System32

 Register the Capicom.dll file, and then register the Dao360.dll file. To do this, follow these steps.  Click Start, click Run, type regsvr32 capicom.dll, and then click OK.</li> When you receive the message that the DllRegisterServer operation succeeded, click OK.</li> Click Start, click Run, type regsvr32 c:\program files\common files\microsoft shared\dao\dao360.dll, and then click OK.</li> When you receive the message that the DllRegisterServer operation succeeded, click OK.</li></ol> </li> Double-click the Scripts.vbs file.</li> Check the certificate store. The store must not have the archived certificates.</li></ol>

<div class="status_section">

STATUS
This behavior is by design.

<div class="references_section">