ITHandyMan
asked on
Wireless LAN stops authenticating when one of the DCs is turned off
We have a Windows 2003 DC which is being demoted. In the interim, we had to turn it off while the new DCs service the network. We noticed that our Wi-Fi stopped authenticating. Users could see the SSID, they could select it but then it kept on asking them to authenticate.
The wireless setup has two controllers and two radius servers that authenticate the users automatically using their AD credentials. I have had a look through the Radius setup and there is no specific mention of the 2003 DC.
I have also checked the Controller settings, which just lists the Radius servers.
We have had to restart the server as the users could not work. The only other thing I could have tried was to restart the 'Network Policy Server' service on the Radius boxes.
Any ideas why this would be breaking and how it can be fixed?
Cheers,
A
Are you using NPS on a DC or just a member server? Usually it's recommended to install NPS on a DC. That alleviates issues such as the one you appear to be having.
ASKER
It's on a separate server, not on a DC, but has been working fine with the other DC. Any suggestions other than moving the role?
You need to establish which DC the NPS is using to authenticate users. It sounds like it's only looking at the 2003 DC. This could be a DNS server config issue on the NIC of the NPS member server.
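An added example (not part of the original thread) of one way to establish which DC the NPS member server is bound to and move it to another DC. It assumes an elevated PowerShell 3.0+ session on Windows Server 2012 or later on the NPS server; `OLD-DC-PLACEHOLDER` stands in for the DC being retired, and `IAS` is the service name of Network Policy Server.

```powershell
# Added example, not from the thread. Run elevated on the NPS (RADIUS) member server.
$RetiringDc = 'OLD-DC-PLACEHOLDER'   # placeholder: host name of the DC being demoted
$Rebind     = $false                 # set to $true to actually move the secure channel
$Domain     = (Get-CimInstance Win32_ComputerSystem).Domain

# 1. DCs that DNS currently advertises for the domain (what the DC locator can choose from).
$registered = Resolve-DnsName -Type SRV "_ldap._tcp.dc._msdcs.$Domain" |
    Where-Object { $_.Type -eq 'SRV' } |
    Select-Object -ExpandProperty NameTarget
"DCs registered in DNS: $($registered -join ', ')"

# 2. DC that this server's Netlogon secure channel is bound to right now.
$scOutput = nltest /sc_query:$Domain
$boundDc  = ($scOutput | Select-String 'Trusted DC Name\s+\\\\(\S+)').Matches |
    ForEach-Object { $_.Groups[1].Value }
"Secure channel DC:     $boundDc"

# 3. Flag the two conditions that would tie authentication to the old DC.
$stillInDns  = @($registered | Where-Object { $_ -like "$RetiringDc*" }).Count -gt 0
$boundToOld  = $boundDc -like "$RetiringDc*"
if ($stillInDns) { Write-Warning "$RetiringDc still has SRV records in DNS." }
if ($boundToOld) { Write-Warning "Secure channel is bound to $RetiringDc." }

# 4. Optionally rebind to a remaining DC, then restart NPS so it uses the new channel.
if ($Rebind -and $boundToOld) {
    $target = $registered | Where-Object { $_ -notlike "$RetiringDc*" } | Select-Object -First 1
    if (-not $target) { throw 'No other DC is registered in DNS; not rebinding.' }
    nltest "/sc_reset:$Domain\$target"
    Restart-Service -Name IAS
    nltest /sc_query:$Domain       # confirm the new binding
}
```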
ASKER
It's pointing to the new DCs for DNS. I have had a good look on the NPS console and it does not have any mention of a DC, let alone the 2003 DC. The only thing I can think of is to restart the NPS services once the DC services have been turned off. What do you think?
ASKER
Thanks for your help, guys. It turned out that NPS services needed a kick so it could query the DNS again. All working fine. Many thanks.
ASKER
This comment pointed me in the direction to restart the correct services and fix the issue.
Some Cisco WLCs just relay DHCP requests to other servers. Perhaps the DHCP for that subnet is being hosted on the old one?
Just some thoughts.