locked
Help With NPS and Authentication RRS feed

  • Question

  • I have setup NPS to be used to allow access to the Wifi. At present I have a Cert Server issuing a Cert for the computer via a GPO and this works with the settings in the NPS Policy that say the Computer must be a member of this group. When I try and then add to this policy that i want the User to be a member of a group it all fails.

    I have setup a User Certificate whose purpose is Signature and Smartcard logon but the connection then just fails and thea reason code in the log file just says "Reason-Code data_type="0". I am sure others must of setup something similar to this so if anyone has any pointers or a set of instructions I would be very grateful.

    The Cert Server is an internal one on the local domain.

    Thanks.

    Saturday, June 6, 2015 11:03 AM

Answers

  • For authentication in NPS, the client certificate *must* have Client Authentication in the EKU/Application Policy extensions. Based on what you have stated, you only had Smartcard logon.

    Brian

    Saturday, June 6, 2015 12:41 PM