[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Server 2008 R2 Radius / NPS not recognising user name

Posted on 2011-03-20
3
Medium Priority
?
2,197 Views
Last Modified: 2013-12-04
I am trying to configure our Windows 2008 Radius Server to apply a specific settings to a single wireless client. Unfortunately the radius requests are not containing a lot of information to differentiate between clients - the only unique field in the event log is the 'User Name'.

However when I try to set up a new Connection Request Policy to trigger on the 'User name' condition it skips this policy in position 1 and matches against the policy in position 2.

(Event log details)
+ System
- EventData

  SubjectUserSid S-1-0-0
  SubjectUserName SVWwan
  SubjectDomainName -
  FullyQualifiedSubjectUserName -
  SubjectMachineSID S-1-0-0
  SubjectMachineName -
  FullyQualifiedSubjectMachineName -
  MachineInventory -

Although I can see the SubjectUserName  (SVWwan)coming through in the event log I can't get it to match against anything in the User Name condition.
Is the SubjectUserName the same thing as User Name condition in the Connection Request Policies ? Has anyone run into problems with the username condition field or do you know any tricks to use with the pattern-matching syntax that might help?

Thanks in advance
0
Comment
Question by:BigBlake
  • 2
3 Comments
 

Expert Comment

by:PotreroHill
ID: 35218047
I feel you pain. I've been trying to find a comprehensive guide to working with NPS, but typical to MS fashion, there's little, legible, material available.
Take a look at this link, it may have some info that will help, tho it does not target your specific question, it does go spell out configuration steps and helped me understand the various components involved with setting up policies and conditions
http://araihan.wordpress.com/2009/11/11/windows-server-2008-how-to-configure-network-policy-server-nps-or-radius-server/

My problem is that (1) the logs indicate my wireless is connecting at 0Mbps on 802.11b - and I'm on 802.11n, and 'report code 23', some ridiculously vague error indicating NPS 'use of EAP".
http://technet.microsoft.com/en-us/library/dd197464%28WS.10%29.aspx

Post your solution when you find it, it will certainly help others.
0
 
LVL 1

Accepted Solution

by:
BigBlake earned 0 total points
ID: 36150391
Well I finally got htis working, although not as I had originally envisaged. I am now able to apply individual settings to connections (Like framed routes etc.) to incoming connections from Telstra's nextG service. At least some of the problems came from the unknown authentication servers used by our carrier which were proxying the authentication information through to us.

I am currently working on my documentation, if anyone else is facing similar issues (Telstra NextG connection on telstra.corp apn) let me know and I can post the detailed steps.
0
 
LVL 1

Author Closing Comment

by:BigBlake
ID: 36171821
I am not 100% happy with the solution - it is partial work around that gives me the functionality we require but with a lowering of security.
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question