locked
SCHannel 36887, NAP 15 & 17 errors RRS feed

  • General discussion

  •   I am having the following errors in the system log of 3 of my Domain Controllers:
    • 1 event; SChannel 36887 The following fatal alert was received: 47
    • 2 events; NAP 15 A malformed RADIUS message was received from client DC01. The data is the RADIUS message.
    • 1 event; Then NAP 17 An Access-Request message was received from RADIUS client XXX.XXX.XXX.XXX without a Message-Authenticator attribute when a Message-Authenticator attribute is required. Verify the configuration of the RADIUS client in the Network Policy Server snap-in (the "Client must always send the Message-Authenticator attribute in the request" checkbox) and the configuration of the network access server.
    • 3 events; NAP 15 A malformed RADIUS message was received from client DC01. The data is the RADIUS message.
    • 1 event; Then NAP 17 An Access-Request message was received from RADIUS client XXX.XXX.XXX.XXX without a Message-Authenticator attribute when a Message-Authenticator attribute is required. Verify the configuration of the RADIUS client in the Network Policy Server snap-in (the "Client must always send the Message-Authenticator attribute in the request" checkbox) and the configuration of the network access server.
    • 1 event; SChannel 36887 The following fatal alert was received: 47

    The above all happens over 51 seconds and then there is a 23 minute and 58 second break and it repeats itself again. DC01 holds all the Operations Manager Roles and is also the Schema Manager. DC01 gets the same SChannel 36887 error but none of the rest.

    I am running Windows Server 2008 R2 Service Pack 1 all on virtual servers. NAP is installed on all of them for Wireless Authentication which is not . working because of the above errors I would guess. They are not running any other server software just LANDesk Client software and a virus scan application. This problem started about 2 months ago. Prior to that I had no problems at all.

    I have looked all over the internet and have been unable to find a solution. Any help that can be provided will be greatly appreciated.

    Thank you!

    Friday, March 2, 2012 4:45 AM

All replies

  •  

    Hi c5411,

    Thanks for posting here.

    >This problem started about 2 months ago.

    Do you still remember what modification did we performed to our system before we encountered this issue ? have we modified the virtual network setting on virtual machine host? How many domain controller do we have ? have we check the replication status if we have multiply ones.

    >2 events; NAP 15

    >1 event; Then NAP 17

    I suspect these are NPS related events not NAP, can you confirm that ?

    Event ID 15 — NPS Server Communication

    http://technet.microsoft.com/en-us/library/cc735403(WS.10).aspx

    Event ID 17 — NPS Server Communication

    http://technet.microsoft.com/en-us/library/cc735350(WS.10).aspx

    I’d first like to check the connectivity between virtual NPS server and clients with following the procedure in the articles above .

    Meanwhile , could we enable the audit feature for NPS and that should help us to verify the root cause of the connectivity issue :

    NPS events and audit policy 

    http://social.technet.microsoft.com/Forums/en-US/winserverNAP/thread/064f3e68-42fa-4669-aede-838e7cc7df92/

    Could also please post the full description (XML) of the error SChannel 36887 here ?

    Regards,

    Tiger Li

    TechNet Subscriber Support in forum

    If you have any feedback on our support, please contact  tnmff@microsoft.com.


    Tiger Li

    TechNet Community Support

    Monday, March 5, 2012 5:22 AM
  • Hi c5411,

    If there is any update on this issue, please feel free to let us know.

    Regards,

    Tiger Li

    TechNet Subscriber Support in forum
    If you have any feedback on our support, please contact  tnmff@microsoft.com.


    Tiger Li

    TechNet Community Support

    Tuesday, March 6, 2012 1:35 AM