locked
Wireless network causing WGA failure?? RRS feed

  • Question

  • Firstly, I have read many articles on this forum and downloaded the latest WGA install, the diagnostics tool and updated ActiveX at the website.

    We are having serious problems with this new bit of software from Microsoft.
    All of our PCs are genuinly licenced and have the certificates/keys stuck on
    the PCs - we also have all original CDs. When I visit the
    www.microsoft.com/genuine site (or the www.microsoft.com/genuine/diag site)
    all 20 PCs in our office validate successfully - they are all able to
    download files from Microsoft's download site and download updates from
    Microsoft Update.

    However, occassionally (and not every time!) when our PCs boot they warn
    that Windows is not genuine. Clicking to resolve the problem visits this site:

    http://www.microsoft.com/genuine/downloads/AutomaticUpdates.aspx?disp...

    Which reads: "You have encountered an unknown error. Please contact your
    local product support team for further assistance with this issue." (Error
    code: 0x80080299). I cannot however contact Microsoft as they are saying I
    have no support tickets included as the product is OEM.

    Can someone please help me here. I suspect the issue is down to our wireless
    network. If the PC has not connected to the network at startup. It is an
    802.11G network with multiple access points and a Wireless Network Policy
    defined in Active Directory. Authentication is done for the computer and then
    the user when logged on using 802.1X RADIUS on Windows Server 2003. There is
    a preshared key using AES over WPA and we are not using certificates. Not all
    PCs connect immediately as occasionally the 4-way handshake fails - this I
    think results in Windows assuming it is not valid.

    This is extremely irritating and I need a solution to either disable the
    checking altogether or an update to ensure that Windows is not "marked" as
    invalid because there is no network connection! Just so no one points at
    system time and date as the cause our PDC is synced to time.windows.com and
    our client PCs all sync with the PDC. This seems an exceptionally fragile way
    to fail validation - I assume it is because kerberos is being used somewhere
    along the line.

    Here are the results of the diagnostic tests:

    Microsoft Genuine Advantage Diagnostic Results
    Passed - Active scripting allowed
    Passed - Display images enabled
    Passed - Computer time and date correct
    Passed - ActiveX enabled
    Passed - Microsoft ActiveX controls loading
    Passed - ActiveX controls connect with Microsoft validation servers

    Clicking the Validate Windows button results in:
    Validation Complete!
    Thank you for validating your copy of Microsoft Windows.

    Thank you for using the Windows Genuine Advantage program. You may now
    access resources for genuine Windows users.

    Here is the result from the Windows based diagnostics tool:

    WGA Diagnostic Data (1.5.0530.2):
    --------------------
    Genuine Validation Status: Genuine
    Windows Product Key: *****-*****-J6KB7-FD23H-3PF8Y
    Windows Product Key Hash: ZFbgFfd2XKxp9j3iMSWU44m0x0g=
    Windows Product ID: 76487-OEM-2254645-57456
    Windows Product ID Type: 3
    Windows License Type: COA/Sysem Builder
    Windows OS version: 5.1.2600.2.00010100.2.0.pro
    Download Center code: DQN4W69
    ID: 9d9d906d-2744-467d-94fc-c18e04059e39
    Is Admin: Yes
    AutoDial: Yes
    Registry: 0x0
    WGA Version: Registered, 1.5.532.2.
    Signature Type: Microsoft.
    Validation Diagnostic:

    Scan: Complete
    Cryptography: Complete

    Office Status: 109
    Office Diagnostics:

    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    Office Details: <GenuineResults><MachineData><UGUID>9d9d906d-2744-467d-94fc-c18e04059e39</UGUID><Version>1.5.0530.2</Version><OS>5.1.2600.2.00010100.2.0.pro</OS><PKey>*****-*****-*****-*****-3PF8Y</PKey><PID>76487-OEM-2254645-57456</PID><PIDType>3</PIDType><SID>S-1-5-21-602162358-583907252-839522115</SID><SYSTEM><Manufacturer>To Be Filled By O.E.M.</Manufacturer><Model>To Be Filled By O.E.M.</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>1002.006</Version><SMBIOSVersion major="2" minor="3"/><Date>20040701000000.000000+000</Date></BIOS><HWID>148E3107018400E2</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone></MachineData>   <Software><Office><Result>109</Result><Products/></Office></Software></GenuineResults> 

    Someone please help as this is extremely irritating for my users and for
    myself! I noticed that there are many cracks already circulating for the WGA
    program - it seems the only people suffering from its implementation are
    those who have purchased legitimate software!

    Thanks in advance
    Jason.

    Thursday, June 22, 2006 8:58 AM

Answers

All replies

  • Jason, a few questions:

     

    When one of the computers randomly log-on and receive notifications that their system may not be genuine, can you specify which notifications they recieve? The 3 different types are:

    - A logon interrupt dialogue box that will timeout 5 seconds before allowing login.

    - A balloon notification from the system tray.

    - A large notification in the background during logon that is part of the wallpaper.

     

    Also, can you run the diagnostics tool when you catch one of the computers during the 299 error and the non-genuine message comes up?

     

    -phil liu

    Thursday, June 22, 2006 8:31 PM
  • Phil,

    Thanks for the prompt reply. The diagnostics in the previous email were the ones for a computer that was currently experiencing the problem. I have never seen the background during logon that is part of the wallpaper but can confirm that on every occassion where the problem occurs we see both the logon interupt dialogue with 5 second timeout and the star-shaped notification in the system tray. Clicking "Get Genuine" on the logon prompt seems to do nothing except load Windows, whilst clicking on the baloon in the system tray redirects to the site in the previous email with the error previously mentioned.

    All of our PCs have experienced problems at some point and I am almost convinced now that it is to do with network connectivity - specifically when it takes longer than normal to establish a network connection. If I reboot our wireless access points then boot all PCs there is no problem. Our firewall and gateway are configured to allow access to all the sites required listed on a Microsoft site (I think there were about five different domains) and I have tested connectivity with all of them.

    Group Policy on the domain forces all PCs to allow in the installation of signed ActiveX and allows scripting accross domains (I have set this to enable and not prompt for now just to make sure it works!). GPOs are downloaded and applied without any problems in the event logs.

    If our access points have been running for several days they still obtain an IP from DHCP and authenticate on RADIUS, though this process does seem to drag a little longer than when freshly rebooted - however, clients are able to successfully log on and access network resources and the internet so the connectivity issue (if there is one) is resolved by the point they logon. It seems that WGA makes its decision way before the network connection is fully established.

    Don't know if that helps any? If you need more information, please let me know.

     

    Kind Regards

    Jason

    Friday, June 23, 2006 4:44 PM
  • Jason:

     

    I've been going back and forth with my lead developer on this issue.

     

    The WGA notifications, while at this point does attempt to validate online during login, does not forcefully make any decisions if the computer is "not online". It will simply validate from its cached state. The newest version of the WGA Notifications program (1.5.532.2) has various fixes that should actually be fixed for your computers.

     

    The System Tray Icon should be there, but you are not getting balloons from it, correct?

     

    The lead issue is the logon interrupt dialogue. Can you happen to get the diagnostics output from one of the computers during this odd logon issue?

     

    -phil liu

    Friday, June 23, 2006 5:59 PM
  • Jason:

     

    Can you install the newest version of the Notifications tool (http://www.download.windowsupdate.com/msdownload/update/v3-19990518/cabpool/windowsxp-kb905474-enu-x86_4bafa8793e8cdcaf4ba4ffc494df32d496154544.exe ) on the computers experiencing this issue?

     

    -phil liu

    Friday, June 23, 2006 6:54 PM