New-CMWirelessProfileObject

Creates a profile that specifies settings for AMT-based computers on a wireless network.

Syntax

New-CMWirelessProfileObject
   -ClientAuthenticationMethod <ClientAuthenticationMethodType>
   -ClientCertificateTemplate <String>
   -ClientCertificationAuthorityName <String>
   -ClientIssuingCertificationAuthority <String>
   [-Confirm]
   [-DisableWildcardHandling]
   -EncryptionMethod <EncryptionType>
   [-ForceWildcardHandling]
   -NetworkName <String>
   -ProfileName <String>
   -SecurityType <WirelessProfileSecurityType>
   -TrustedRootCertificate <X509Certificate2>
   [-WhatIf]
   [<CommonParameters>]

Description

The New-CMWirelessProfileObject cmdlet creates a Microsoft System Center Configuration Manager profile that specifies settings that Intel Active Management Technology (AMT)-based computers use on a wireless network. These settings must match the configuration on your Remote Authentication Dial-In User Service (RADIUS) server. System Center Configuration Manager cannot validate that these settings with your RADIUS server.

Examples

Example 1: Create a profile for AMT-based computers on a wireless network

PS C:\> New-CMWirelessProfileObject -ClientAuthenticationMethod  EapTtlsMschapv2 -ClientCertificateTemplate "Contoso Wireless User"  -ClientCertificationAuthorityName "Contoso CA 1" -ClientIssuingCertificationAuthority "ContosoCA.Contoso.com" -EncryptionMethod TKIP -NetworkName "ContosoWireless" -ProfileName "WirelessLocalUser" -SecurityType WPA2Enterprise -TrustedRootCertificate "Contoso Root CA"

This command creates a profile for Intel Active Management Technology (AMT)-based computers on a wireless network. The command specifies security settings, such as the client authentication method, information necessary for certificates, and wireless network configuration. These settings must match the settings for the Remote Authentication Dial-In User Service (RADIUS) server and wireless network.

Required Parameters

-ClientAuthenticationMethod

Specifies the client authentication method configured on your RADIUS server. The acceptable values for this parameter are:- EapTls. EAP-TLS.

  • EapTtlsMschapv2. EAP-TTLS/MSCHAPv2.
  • Peapv0EapMschapv2. PEAPv0/EAP-MSCHAPv2.

    The default authentication method is EAP-TLS.
Type:ClientAuthenticationMethodType
Parameter Sets:EapTls, EapTtlsMschapv2, Peapv0EapMschapv2
Required:True
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ClientCertificateTemplate

Specifies a client certificate template.

Type:String
Required:True
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ClientCertificationAuthorityName

Specifies a certification authority for the client.

Type:String
Required:True
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ClientIssuingCertificationAuthority

Specifies an issuing certification authority for the client.

Type:String
Required:True
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-EncryptionMethod

Specifies the encryption method. This method is the same as the encryption method for your wireless network. The acceptable values for this parameter are: AES and TKIP. The default value for this parameter is AES.

Type:EncryptionType
Parameter Sets:Tkip, Aes
Required:True
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-NetworkName

Specifies the name of your wireless network, also known as the service set identifier (SSID). This name cannot exceed 32 characters.

Type:String
Required:True
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ProfileName

Specifies a name for this profile. Use alphanumeric characters only, start the name with a letter, and do not exceed 32 characters.

Type:String
Required:True
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-SecurityType

Specifies the security type for your wireless network. The acceptable values for this parameter are: WPA2Enterprise and WPAEnterprise. The default value for this parameter is WPA2Enterprise.

Type:WirelessProfileSecurityType
Parameter Sets:WpaEnterprise, Wpa2Enterprise
Required:True
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-TrustedRootCertificate

Specifies the trusted root certificate that the RADIUS server uses as its server authentication certificate.

Type:X509Certificate2
Required:True
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False

Optional Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Required:False
Position:Named
Default value:False
Accept pipeline input:False
Accept wildcard characters:False
-DisableWildcardHandling

Indicates that wildcard handling is disabled.

Type:SwitchParameter
Required:False
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-ForceWildcardHandling

Indicates that wildcard handling is enabled.

Type:SwitchParameter
Required:False
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Required:False
Position:Named
Default value:False
Accept pipeline input:False
Accept wildcard characters:False