• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 7091
  • Last Modified:

Wireless 5108 Cisco with "Network authentication failed due to a problem with the user account"

Hello EE,

Cisco Wireless 5108 when pointing to Domain Controller for Radius Authentication if I uncheck (Microsoft Encrypted Authentication version 2) in EAP properties on DC, authentication works.

When I check it, I get "Network Authentication failed due to problem with the user account".  I have Setup a backup Domain Controller with its own certificate and it works in authenticating but this domain controller does not.  The only difference I can determine is this uses a  wild card certificate and the other doesn't.  Is this why?
0
bergquistcompany
Asked:
bergquistcompany
  • 2
1 Solution
 
Craig BeckCommented:
Can you post the logs?  If it's a 2003 DC you'll find IAS events in the system log.  If it's a 2008> DC you'll find them in Custom logs.
0
 
bergquistcompanyAuthor Commented:
Here is what the event logs show.  Also I attached a screen shot of the wireless properties and wonder if the less secure should be used (see screen shot of properties attached)?

Network Policy Server denied access to a user.

Contact the Network Policy Server administrator for more information.

User:
      Security ID:                  NULL SID
      Account Name:                  windows7
      Account Domain:                  NORTHAMERICA
      Fully Qualified Account Name:      NORTHAMERICA\windows7

Client Machine:
      Security ID:                  NULL SID
      Account Name:                  -
      Fully Qualified Account Name:      -
      OS-Version:                  -
      Called Station Identifier:            00-3a-99-00-89-80:BERGQUIST
      Calling Station Identifier:            40-0e-85-10-89-64

NAS:
      NAS IPv4 Address:            10.10.1.57
      NAS IPv6 Address:            -
      NAS Identifier:                  Bergquist WLAN Controller
      NAS Port-Type:                  Wireless - IEEE 802.11
      NAS Port:                  1

RADIUS Client:
      Client Friendly Name:            WLC
      Client IP Address:                  10.10.1.57

Authentication Details:
      Connection Request Policy Name:      Use Windows authentication for all users
      Network Policy Name:            -
      Authentication Provider:            Windows
      Authentication Server:            CHDC2.northamerica.bergquistcompany.com
      Authentication Type:            EAP
      EAP Type:                  -
      Account Session Identifier:            -
      Logging Results:                  Accounting information was written to the local log file.
      Reason Code:                  8
      Reason:                        The specified user account does not exist.
0
 
Craig BeckCommented:
You're using computer authentication - therefore you need to use EAP-based authentication.  If you just use MSChapV2 without EAP the authentication will fail.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now