Problems authenticating using WPA2-Enterprise.. Help!

Discussion in 'Wireless Networking' started by Craig, Mar 3, 2009.

  1. Craig

    Craig Guest

    Hi.

    I've been trying to setup wireless networking, using WPA2-Enterprise
    security. I'm using IAS on a server, which is also the only domain
    controller. The server also has the Certificate Authority server, and
    self-generated a certificate. Windows 2003 server.

    I've exported the certificate from the server (as *.PB7 file), and install
    that on the client (via mmc certmgr.msc snap-in), importing into the
    Enterprise Trust folder.

    I'm not sure what is going on, but out of about 10 users trying to connect,
    I can only get about 4 to work. The clients are personal computers, and a
    mix of OS (XP, Vista, Mac OS X). Some of the ones that work are Vista Home
    Premium, at least one that works is XP. One computer is a member of the
    domain, most are not. As far as I can tell, setup is the same on all. I
    personally setup on some, and it all seems the same as the setup on my PC
    (which works), yet it fails to work.

    In most cases where it doesn't work, it is first because the computer is
    trying to authenticate as computer or local login, instead of using the
    domain login account. Then the appropriate options are unticked, and the
    user is prompted to enter username and password. At this stage, when the
    correct username and password is entered, it is not successful, but keeps
    prompting to re-enter credentials (often the balloon pops up in bottom right
    corner before the user has had time to finish entering details the previous
    time), and there is no longer anything in the server logs.

    I especially don't understand why there is nothing in the logs showing these
    failed attempts to login, even though previous attempts are recorded in the
    logs for the same computer (eg when no certificate, or trying automatic
    login).

    It seems like after a while it stops talking to IAS. Is there some kind of
    inbuilt security where a computer is blocked after a certain number of
    failed attempts? How long does it take before they can try again?

    Also, I'm wondering if I'm using the wrong type of certificate. Also, since
    it does work for some computers, it seems like maybe that is ok..?

    Any ideas? It is really wrecking my head!

    Thanks,

    Craig
    Craig, Mar 3, 2009
    #1
    1. Advertising

  2. Craig

    Craig Guest

    Is this question better to send to radius group, or ok here?

    Craig

    "Craig" <> wrote in message
    news:%232A%...
    > Hi.
    >
    > I've been trying to setup wireless networking, using WPA2-Enterprise
    > security. I'm using IAS on a server, which is also the only domain
    > controller. The server also has the Certificate Authority server, and
    > self-generated a certificate. Windows 2003 server.
    >
    > I've exported the certificate from the server (as *.PB7 file), and install
    > that on the client (via mmc certmgr.msc snap-in), importing into the
    > Enterprise Trust folder.
    >
    > I'm not sure what is going on, but out of about 10 users trying to
    > connect, I can only get about 4 to work. The clients are personal
    > computers, and a mix of OS (XP, Vista, Mac OS X). Some of the ones that
    > work are Vista Home Premium, at least one that works is XP. One computer
    > is a member of the domain, most are not. As far as I can tell, setup is
    > the same on all. I personally setup on some, and it all seems the same as
    > the setup on my PC (which works), yet it fails to work.
    >
    > In most cases where it doesn't work, it is first because the computer is
    > trying to authenticate as computer or local login, instead of using the
    > domain login account. Then the appropriate options are unticked, and the
    > user is prompted to enter username and password. At this stage, when the
    > correct username and password is entered, it is not successful, but keeps
    > prompting to re-enter credentials (often the balloon pops up in bottom
    > right corner before the user has had time to finish entering details the
    > previous time), and there is no longer anything in the server logs.
    >
    > I especially don't understand why there is nothing in the logs showing
    > these failed attempts to login, even though previous attempts are recorded
    > in the logs for the same computer (eg when no certificate, or trying
    > automatic login).
    >
    > It seems like after a while it stops talking to IAS. Is there some kind of
    > inbuilt security where a computer is blocked after a certain number of
    > failed attempts? How long does it take before they can try again?
    >
    > Also, I'm wondering if I'm using the wrong type of certificate. Also,
    > since it does work for some computers, it seems like maybe that is ok..?
    >
    > Any ideas? It is really wrecking my head!
    >
    > Thanks,
    >
    > Craig
    Craig, Mar 4, 2009
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ron Lowe
    Replies:
    11
    Views:
    7,306
    Ron Lowe
    Jan 9, 2006
  2. Pavlov
    Replies:
    0
    Views:
    924
    Pavlov
    Jul 14, 2003
  3. Rick
    Replies:
    2
    Views:
    653
  4. Replies:
    0
    Views:
    422
  5. Lost Pixel
    Replies:
    0
    Views:
    370
    Lost Pixel
    May 6, 2008
Loading...

Share This Page