locked
Windows XP Client Rejected (wired 802.1x), Reason Code 7: NO SUCH DOMAIN RRS feed

  • Question

  • Hi.

    I have an authentication problem with my Windows XP clients. My server is Windows Server 2008R2 with NPS installed and configured for Wired 802.1x. The setup should be fine as my Windows 7 machines can authenticate correctly if they have a certain computer certificate.

    The error code in the log is 07 - No Such Domain

    When I look at the log more closely I can see that somehow the authentication request shortens the computer name of my Windows XP machine, and thats why it cannot recognize the domain name. No matter which computer name I choose for my machine it always shortens the name to 11 characters. An example:

    Working Windows 7 authentication log: 

    User Name: host/computer7.domain.local Connect Request IAS_SUCCESS

    Windows XP authentication log for two different computer names (xp.domain.local and winxp.domain.local):

    User Name: host/xp.domain.l Connect Request IAS_NO_SUCH_DOMAIN

    User Name: host/winxp.domai Connect Request IAS_NO_SUCH_DOMAIN

    Any suggestions on why the computer name is cut off? Thanks.

    Thursday, November 21, 2013 10:13 AM

Answers

  • Hi,

    From the description, the issue only happens on Windows XP, please install a new Windows XP have a test. Meanwhile, to better find the clue, we recommend to collect RRAS traces and network traces on a problematic client and the NPS server. It will let us know clear which side cause the issue. To do this,

     

    a. Download Microsoft Network Monitor Tool from the following link and install it on the client and the server.

    http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=983b941d-06cb-4658-b7f6-3088333d062f

    b. Start Network Monitor at "Start" ->"Program"-> "Microsoft Network Monitor 3.4" -> "Microsoft Network Monitor 3.4" on the client and the server.

    c. On the left-panel, select LAN connection on the server and select corresponding connection on the client.

    d. Click "Tools", click "Options", switch to the "Capture" tap, and set the "Temporary capture file size (MB)" to 200 on the client and the server.

    e. On the NPS server and the wireless client, run the following command under the command prompt to enable RRAS tracing.

    netsh ras set tracing * enabled

    f. Click "New Capture", click "Start" on the Capture menu in the two Network Monitor windows.

    g. Now from the client, try to establish the wireless connection to reproduce the problem.

    h. Once the problem occurs, click "Stop" on the Capture menu on the client and the server, and click "File"->"Save as" to save the captured files.

    i. Run the following command under the command prompt on both the NPS server and the client to disable RRAS tracing.

    netsh ras set tracing * disabled

    j. The tracing files are saved at %systemroot%\tracing folder. On both the NPS server and the client.

    Thanks in advance.

    Best regards,

    Steven


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    • Marked as answer by Alex Lv Monday, December 9, 2013 6:09 AM
    Saturday, November 30, 2013 4:36 AM

All replies

  • Hi,


    I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.


    Thanks for your understanding and support.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

    Tuesday, November 26, 2013 6:21 AM
  • Hi,

    From the description, the issue only happens on Windows XP, please install a new Windows XP have a test. Meanwhile, to better find the clue, we recommend to collect RRAS traces and network traces on a problematic client and the NPS server. It will let us know clear which side cause the issue. To do this,

     

    a. Download Microsoft Network Monitor Tool from the following link and install it on the client and the server.

    http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=983b941d-06cb-4658-b7f6-3088333d062f

    b. Start Network Monitor at "Start" ->"Program"-> "Microsoft Network Monitor 3.4" -> "Microsoft Network Monitor 3.4" on the client and the server.

    c. On the left-panel, select LAN connection on the server and select corresponding connection on the client.

    d. Click "Tools", click "Options", switch to the "Capture" tap, and set the "Temporary capture file size (MB)" to 200 on the client and the server.

    e. On the NPS server and the wireless client, run the following command under the command prompt to enable RRAS tracing.

    netsh ras set tracing * enabled

    f. Click "New Capture", click "Start" on the Capture menu in the two Network Monitor windows.

    g. Now from the client, try to establish the wireless connection to reproduce the problem.

    h. Once the problem occurs, click "Stop" on the Capture menu on the client and the server, and click "File"->"Save as" to save the captured files.

    i. Run the following command under the command prompt on both the NPS server and the client to disable RRAS tracing.

    netsh ras set tracing * disabled

    j. The tracing files are saved at %systemroot%\tracing folder. On both the NPS server and the client.

    Thanks in advance.

    Best regards,

    Steven


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    • Marked as answer by Alex Lv Monday, December 9, 2013 6:09 AM
    Saturday, November 30, 2013 4:36 AM
  • Hi.

    Thank you for your assistance and time on this one. I have decided not to spend more time on troubleshooting Windows XP machines. I will get rid of all Windows XP machines in our network before spring 2014 so there's no need for you guys to troubleshoot this issue any further.

    I will get back at you if I have similar issues with Windows 7 clients. I can see from the logs that initially also Windows 7 clients are trying to authenticate with the shortened machine name, but after a few seconds these clients can authenticate successfully so no worries here.

    Monday, December 9, 2013 10:49 AM