EAP-TLS Authentication

make sure your certificate template have client authentication as enhanced key usage.

Also make sure your wireless profile on windows 7 is set to use user certificate and not computer

I have verified the certificate does have client authentication.

Below is the security event error from the PC.

Subject:
      Security ID:            username@domainname
      Account Name:            USERNAME
      Account Domain:            DOMAINANME
      Logon ID:            0xa0dcf

Network Information:
      Name (SSID):            EAP-TLS
      Interface GUID:            {f1d2f46b-8748-47ff-872f-02920fc14dbc}
      Local MAC Address:      70:F3:95:E1:75:8E
      Peer MAC Address:      B4:E9:B0:E5:2C:33

Additional Information:
      Reason Code:            Explicit Eap failure received (0x50005)
      Error Code:            0x40420110
      EAP Reason Code:      0x40420110
      EAP Root Cause String:      Network authentication failed due to a problem with the user account

try looking at event viewer logs on NPS server (custom view - server roles - network policy server)

"NPSSERVER","IAS",09/20/2018,15:27:37,3,,"domain\username",,,,,,,,0,"ip","WLC_CT5508",,,,,,,5,"Secure Wireless Connections - Test",22,"311 1 IP 09/20/2018 16:50:50 4822",,,,"",,,,,"5ba3f371/mac/1729119",,,,,,,,,,,,,,,,,,,,,,,,,"Secure Wireless Connections",1,,,,

I dont see anything in the event viewer but I do see this in the logs.

try this to enable logging on NPS
https://support.microsoft.com/en-ie/help/951005/the-network-policy-server-may-not-log-successful-authentication-events

also - this is security logs, so if you have 100 000s of audits, then your security logs are overwritten long before you can look at logs.
those raw logs are okay for troubleshooting of nothing hits the NPS service.

the certificate; you have the root certificate and all other certificates trusted on your computer, and NPS server?

Checked the Certificates in MMC local computer and verified our RootCA and SubCA certificates are in there and also in the trusted root Auth folder. I checked and the network policy and access services are being logged in the event viewer but there are no events in there.

I did find this in the administrative events though at the same time I tried to connect.

"The SSL server credential's certificate does not have a private key information property attached to it. This most often occurs when a certificate is backed up incorrectly and then later restored. This message can also indicate a certificate enrollment failure."
2018-09-20-16_39_05-BOCCNPS1---Remot.png

ah ...

did you see that message on your computer? Then you might be missing the private key.
open your user certificate, does it have this message on the front page:

You have a private key that corresponds to this certificate

also - when looking at certificate in user store - does it have a key on top of the certificate icon?

I saw the message on the NPS server. I went back and checked both the pc and the nps server and they both have the key on their certificates.

When I attempt to connect to the wifi now its shows there is an issue with my user account. I double checked the name mappings and have the exact same certificate mapped.

look at certificate template - how do you populate subject name? look at this blog
https://www.network-node.com/blog/2015/12/24/server-2012-configuration-certificate-templates

I was using email name and UPN to build the info. I can try and change those right quick. I did notice that our PKI is still SHA1, so I am also going to try and update to SHA2 this week. I don't think Windows 10 allow me to use a SHA1 cert.