locked
Windows NPS - EAP-TLS problem RRS feed

  • Question

  • Hello, I have a Windows NPS EAP-TLS policy configured, however my test user is receiving this error. I am not 100% sure that the authenticating client actually has a local certificate. Do the following NPS logs confirm that a client certificate has been presented for authentication or could this error simply mean that client certificate has been presented ?

    Are there any logs within NPS that would show what certificate was presented for authentication via EAP-TLS ?

    Thank you.

    Authentication Details:

    Connection Request Policy Name: CR-ZoneDirector
    Network Policy Name: NP-DOMAIN-BYOD-Wifi-EAP_TLS
    Authentication Provider: Windows
    Authentication Server: DAKLRAD1.domain.forest
    Authentication Type: EAP
    EAP Type: Microsoft: Smart Card or other certificate
    Account Session Identifier: -
    Logging Results: Accounting information was written to the local log file.
    Reason Code: 287
    Reason: A certificate chain could not be built to a trusted root authority.************

    Monday, December 17, 2018 10:40 PM

All replies