Having just endured 30 excruciating minutes of utter braindead idiocy that is trying to setup and configure WPA2-Enterprise on a Windows 10 machine, I wanna go and fucking kill myself.

How can it be so bad after so many years this protocol has been out?! Not only can the authentication options be changed only in the who knows how many years old control panel settings and not the modern settings app, but once you finish setting up the network, you can no longer modify some of the key attributes like which CA certificates to validate the radius server against!

What. The. Fuck. Microsoft.

I swear, I don't usually get my jimmies rustled at work, but this... This just bloody infuriated me!

Edit: Okay, I finally managed to authenticate... Only to find out, to my utter horror and shock, that when someone was to impersonate the AP and even present an invalid certificate as the radius server... All that stands between me and getting PWN'd, is a teeny tiny little dialog saying something like "Do you expect to find this network here? Here's its cert. Connect / Cancel"

No huge red warning like in a browser when a webpage presents an invalid SSL certificate, nooooo. No 3-clicks-deep workaround or secret key combinations to add an exception.

Just a yes/no button. And if you click yes (And most users will just click yes), windows will happily connect you to the AP.

Only way to avoid this is changing the notification setting when the CA or Cert don't check out from "Ask the user" to "Don't ask the user", as that's the only way the connection will securely fail!

And this option is buried pretty deep in the WPA2 setup process, which in and of itself sucks donkey balls!

Probably was better represented in the true old control panel and connection settings. Shit now works half nowhere. If you want to do sysadmin stuff on Windows don't GUI go Group policies