No announcement yet.

Active Directory + Network Policy Server

  • Filter
  • Time
  • Show
Clear All
new posts

  • Active Directory + Network Policy Server

    Hello all!

    I have the following problem that has eaten away two days of worktime:

    I am running Windows Server 2008 Foundation with AD and NPS registered with it. I have configured it to use smart card/certificate authentication (but not via PEAP). The client is a Windows XP SP3. When I try to authenticate, I fail and the NPS log show me this:

    Reason code: 16
    Reason: Authentication failed due to a user credentials mismatch. Either the name provided does not map an existing user account or the password was incorrect.

    Certificates are installed correctly, chains appear OK. What can be the problem??

    When I try to auth via PEAP-MSCHAPv2 everything works fine. When I issue the certificate I match the name and even the e-mail with the name of the user in order for the NPS to match the user in AD.