bergquistcompany
asked on
Wireless 5108 Cisco with "Network authentication failed due to a problem with the user account"
Hello EE,
Cisco Wireless 5108 when pointing to Domain Controller for Radius Authentication if I uncheck (Microsoft Encrypted Authentication version 2) in EAP properties on DC, authentication works.
When I check it, I get "Network Authentication failed due to problem with the user account". I have Setup a backup Domain Controller with its own certificate and it works in authenticating but this domain controller does not. The only difference I can determine is this uses a wild card certificate and the other doesn't. Is this why?
Cisco Wireless 5108 when pointing to Domain Controller for Radius Authentication if I uncheck (Microsoft Encrypted Authentication version 2) in EAP properties on DC, authentication works.
When I check it, I get "Network Authentication failed due to problem with the user account". I have Setup a backup Domain Controller with its own certificate and it works in authenticating but this domain controller does not. The only difference I can determine is this uses a wild card certificate and the other doesn't. Is this why?
Craig Beck
Can you post the logs? If it's a 2003 DC you'll find IAS events in the system log. If it's a 2008> DC you'll find them in Custom logs.
ASKER
Here is what the event logs show. Also I attached a screen shot of the wireless properties and wonder if the less secure should be used (see screen shot of properties attached)?
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: NULL SID
Account Name: windows7
Account Domain: NORTHAMERICA
Fully Qualified Account Name: NORTHAMERICA\windows7
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 00-3a-99-00-89-80:BERGQUIS
Calling Station Identifier: 40-0e-85-10-89-64
NAS:
NAS IPv4 Address: 10.10.1.57
NAS IPv6 Address: -
NAS Identifier: Bergquist WLAN Controller
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 1
RADIUS Client:
Client Friendly Name: WLC
Client IP Address: 10.10.1.57
Authentication Details:
Connection Request Policy Name: Use Windows authentication for all users
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: CHDC2.northamerica.bergqui
Authentication Type: EAP
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 8
Reason: The specified user account does not exist.
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: NULL SID
Account Name: windows7
Account Domain: NORTHAMERICA
Fully Qualified Account Name: NORTHAMERICA\windows7
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 00-3a-99-00-89-80:BERGQUIS
Calling Station Identifier: 40-0e-85-10-89-64
NAS:
NAS IPv4 Address: 10.10.1.57
NAS IPv6 Address: -
NAS Identifier: Bergquist WLAN Controller
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 1
RADIUS Client:
Client Friendly Name: WLC
Client IP Address: 10.10.1.57
Authentication Details:
Connection Request Policy Name: Use Windows authentication for all users
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: CHDC2.northamerica.bergqui
Authentication Type: EAP
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 8
Reason: The specified user account does not exist.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.