Solved

Wireless 5108 Cisco with "Network authentication failed due to a problem with the user account"

Posted on 2014-04-07
3
5,847 Views
Last Modified: 2014-04-17
Hello EE,

Cisco Wireless 5108 when pointing to Domain Controller for Radius Authentication if I uncheck (Microsoft Encrypted Authentication version 2) in EAP properties on DC, authentication works.

When I check it, I get "Network Authentication failed due to problem with the user account".  I have Setup a backup Domain Controller with its own certificate and it works in authenticating but this domain controller does not.  The only difference I can determine is this uses a  wild card certificate and the other doesn't.  Is this why?
0
Comment
Question by:bergquistcompany
  • 2
3 Comments
 
LVL 45

Expert Comment

by:Craig Beck
Comment Utility
Can you post the logs?  If it's a 2003 DC you'll find IAS events in the system log.  If it's a 2008> DC you'll find them in Custom logs.
0
 

Author Comment

by:bergquistcompany
Comment Utility
Here is what the event logs show.  Also I attached a screen shot of the wireless properties and wonder if the less secure should be used (see screen shot of properties attached)?

Network Policy Server denied access to a user.

Contact the Network Policy Server administrator for more information.

User:
      Security ID:                  NULL SID
      Account Name:                  windows7
      Account Domain:                  NORTHAMERICA
      Fully Qualified Account Name:      NORTHAMERICA\windows7

Client Machine:
      Security ID:                  NULL SID
      Account Name:                  -
      Fully Qualified Account Name:      -
      OS-Version:                  -
      Called Station Identifier:            00-3a-99-00-89-80:BERGQUIST
      Calling Station Identifier:            40-0e-85-10-89-64

NAS:
      NAS IPv4 Address:            10.10.1.57
      NAS IPv6 Address:            -
      NAS Identifier:                  Bergquist WLAN Controller
      NAS Port-Type:                  Wireless - IEEE 802.11
      NAS Port:                  1

RADIUS Client:
      Client Friendly Name:            WLC
      Client IP Address:                  10.10.1.57

Authentication Details:
      Connection Request Policy Name:      Use Windows authentication for all users
      Network Policy Name:            -
      Authentication Provider:            Windows
      Authentication Server:            CHDC2.northamerica.bergquistcompany.com
      Authentication Type:            EAP
      EAP Type:                  -
      Account Session Identifier:            -
      Logging Results:                  Accounting information was written to the local log file.
      Reason Code:                  8
      Reason:                        The specified user account does not exist.
0
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
Comment Utility
You're using computer authentication - therefore you need to use EAP-based authentication.  If you just use MSChapV2 without EAP the authentication will fail.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now