Comment 21 for bug 111502

Sure-enough, using wpa_supplicant directly connects to the strongest AP much much much more reliably. I'm using the following in /etc/wpa_supplicant.conf:

ctrl_interface_group=0
eapol_version=1
ap_scan=1
fast_reauth=1

network={
 ssid="UWS"
 scan_ssid=1
 key_mgmt=WPA-EAP
 eap=PEAP
 identity=(redacted)
 password=(redacted)
 phase1="peaplabel=0"
 phase2="auth=MSCHAPV2"
 priority=2
}