PEAP Authentication Failure

Hi guys,

I need your help again.  One specific user cannot login the domain's wifi network on his laptop (Lenovo Thinkpad) that uses the PEAP authenticaiton  since this week.  Other users can get connected to the wifi network and the user account in question also can do the same on spare laptops so I'm assuming the issue is not with the AP or the RADIUS server handling the wifi authentication.  

The OS is Windows XP and the credentials to login the wifi is used the same one as login to the domain network.  I have updated the wifi's device driver (INTEL WiFi 5100 AGN) to the latest one and deleted the PEAP credential cashe following the article in , and also applied the gpupdate /force while the LAN cable is connected but nothing mentioned fixed the issue.  

It seems the system is attempting to connect to the wifi but the warning message  "the account has failed to logon the wireless network" repeatedly appears and eventually the apptept fails - as I mentioned earlier the account should work as it was able to connect the same network on other workstations.

The bizzare thing is other account is also rejected by the same message when trying to connect it on the user's laptop, the whole wifi related settings are the same to other machines so the only difference I think is the host name and the model of wifi adapter.  The laptops are all put together under the same OU. There's apparently something wrong with the user's laptop but I'm not a wifi oriented and would like to have your suggestions to tackle the issue.  

Best regards
Who is Participating?
Jakob DigranesConnect With a Mentor Senior ConsultantCommented:
Ok --- I will wait for logs then, looks like we'll need them
Jakob DigranesConnect With a Mentor Senior ConsultantCommented:
what are the error message on Radius server?
is this a 2003IAS or 2008/2012NPS server?

2003 have logs in SYSTEM
2008/2012 have them in security. look for failure audits with source network policy server.

Might be wrong wireless setup on laptop
KyotokyoAuthor Commented:

thank you for the quick response.  Unfortunately I don't have the access to the RADIUS server and cannot check the logs recorded in there.  I will ask the global IT team to check this out and let you know if they found any error.  

The problematic laptop is configured using the same wifi settings as the working laptops, rather, the wifi settings are controlled by the domain's group policy so the related values and parameters are not manually configurable.  


We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Mohammed KhawajaConnect With a Mentor Manager - Infrastructure:  Information TechnologyCommented:
PEAP authentication is used for both computer and user authentication.  Have you checked the computer account and is it okay?  What happens when you connect the computer to a wired network.
Craig BeckConnect With a Mentor Commented:
We do need the logs.  If it's NPS we need the Custom NPS logs, not the security logs.  (They show less detail in the security log for NPS).
KyotokyoAuthor Commented:
Thanks guys.  I'm asking the global IT team for the log and once I received it I will share with you.  For the computer account it just works fine.  Internet, Intranet and Email are all functioning perfectly.  I had a look on the computer account settings in AD and it has the same manner of configuration and belongs to the same OU as other machines.
KyotokyoAuthor Commented:
The global IT department doesn't provide the log yet... and the issue is resolved by replacing the user's computer to Win7.  Sorry for the delay and thanks much for your comments.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.