Issue authentication wireless client using NPS

  • Question

  • Hi

    I have a working 802.1X wireless NPS setup, but after upgrading one of the clients to Windows 10 1909, when trying to authenticate I get domain\Guest instead of the actual AD user in the event viewer. Obviously the client cannot authenticate. The user is logged in with his AD account. Other clients can authenticate on the same AP, so the issue is related to that particular client. Any ideas?

    Thank you

    Monday, February 10, 2020 4:57 PM

All replies

  • Hi,

    Please check your event log and upload the error code.

    For how to troubleshoot NPS, you can refer to the following link:

    https://docs.microsoft.com/en-us/windows/client-management/advanced-troubleshooting-802-authentication

    Hope this can help you.

    Have a nice day!

    Ellen






    Tuesday, February 11, 2020 4:44 AM
  • Hi

    Please see below. Please let me know if I need to provide anything else.

    Network Policy Server denied access to a user.

    Contact the Network Policy Server administrator for more information.

    User:
    Security ID: B\Guest
    Account Name:
    Account Domain: B
    Fully Qualified Account Name: B\Guest

    Client Machine:
    Security ID: NULL SID
    Account Name: -
    Fully Qualified Account Name: -
    Called Station Identifier: B4-C7-99-E0-F2-54:White_LAN
    Calling Station Identifier: D4-3B-04-0E-9E-3F

    NAS:
    NAS IPv4 Address: 172.17.0.200
    NAS IPv6 Address: -
    NAS Identifier: ap7131-E942C8
    NAS Port-Type: Wireless - IEEE 802.11
    NAS Port: 1

    RADIUS Client:
    Client Friendly Name: motorola
    Client IP Address: 172.17.0.200

    Authentication Details:
    Connection Request Policy Name: Secure Wireless Connections
    Network Policy Name: -
    Authentication Provider: Windows
    Authentication Server: bil.b.intranet
    Authentication Type: EAP
    EAP Type: -
    Account Session Identifier: 31394539343243382D4434334230343045394533462D30303030303137393831
    Logging Results: Accounting information was written to the local log file.
    Reason Code: 34
    Reason: The user or computer account that is specified in the RADIUS Access-Request message is disabled.

    Tuesday, February 11, 2020 9:25 PM
  • I just started running into the same issue. Was working fine for months, no network changes and just stopped working. Mine does come through with the correct Account name but the Sec ID and FQ name come in as a disabled guest account. I just changed the server name and domain in my event log below.

    Network Policy Server denied access to a user.

    Contact the Network Policy Server administrator for more information.

    User:
    Security ID: DOMAIN\Guest
    Account Name: DOMAIN\ARodriguez
    Account Domain: DOMAIN
    Fully Qualified Account Name: DOMAIN\Guest

    Client Machine:
    Security ID: NULL SID
    Account Name: -
    Fully Qualified Account Name: -
    Called Station Identifier: F0-9F-C2-72-14-AC:Cor_WPA_ENT
    Calling Station Identifier: 5C-51-4F-93-3B-45

    NAS:
    NAS IPv4 Address: -
    NAS IPv6 Address: -
    NAS Identifier: f09fc27214ac
    NAS Port-Type: Wireless - IEEE 802.11
    NAS Port: -

    RADIUS Client:
    Client Friendly Name: COR-RF-AP-CR01
    Client IP Address: 192.168.9.16

    Authentication Details:
    Connection Request Policy Name: Secure Wireless Connections
    Network Policy Name: -
    Authentication Provider: Windows
    Authentication Server: SERVERNAME.domain.local
    Authentication Type: EAP
    EAP Type: -
    Account Session Identifier: 34323843434146303330334230413137
    Logging Results: Accounting information was written to the local log file.
    Reason Code: 34
    Reason: The user or computer account that is specified in the RADIUS Access-Request message is disabled.

    Friday, March 6, 2020 6:20 PM
  • Any movement on this?
    Monday, March 16, 2020 1:25 PM
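
Both denial events quoted in this thread show the same pattern: the User section's Security ID resolves to Guest while the Account Name is either empty or a different user. The following triage helper is an added example, not code from any poster or from Microsoft; the function names and finding strings are hypothetical, and the sample is constructed from the second quoted event.

```python
import re

# Constructed sample, trimmed from the second event quoted in the thread.
SAMPLE_EVENT = r"""
User:
Security ID: DOMAIN\Guest
Account Name: DOMAIN\ARodriguez
Fully Qualified Account Name: DOMAIN\Guest
Client Machine:
Security ID: NULL SID
Account Name: -
Calling Station Identifier: 5C-51-4F-93-3B-45
Authentication Details:
Network Policy Name: -
EAP Type: -
Reason Code: 34
"""

# Section headers as they appear in the quoted events. A fixed list is needed
# because an empty field such as "Account Name:" looks just like a header.
SECTIONS = {"User", "Client Machine", "NAS", "RADIUS Client", "Authentication Details"}
FIELD = re.compile(r"^([^:]+):\s*(.*)$")

def parse_nps_event(text):
    """Return {section: {field: value}}; 'Security ID' and 'Account Name'
    repeat under User and Client Machine, so fields are kept per section."""
    event, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.endswith(":") and line[:-1] in SECTIONS:
            current = event.setdefault(line[:-1], {})
        elif current is not None and (m := FIELD.match(line)):
            current[m.group(1).strip()] = m.group(2).strip()
    return event

def triage(event):
    """Return (reason code, findings) for the symptom reported in the thread."""
    user = event.get("User", {})
    auth = event.get("Authentication Details", {})
    def sam(name):  # strip the DOMAIN\ prefix and normalise case
        return name.rsplit("\\", 1)[-1].strip().lower()
    resolved, supplied = sam(user.get("Security ID", "")), sam(user.get("Account Name", ""))
    findings = []
    if resolved == "guest" and supplied not in ("", "-", "guest"):
        findings.append(f"supplied '{supplied}' but resolved to Guest")
    if resolved == "guest" and supplied in ("", "-"):
        findings.append("no account name supplied, resolved to Guest")
    if auth.get("Network Policy Name") == "-" and auth.get("EAP Type") == "-":
        findings.append("no network policy or EAP type recorded")
    return auth.get("Reason Code"), findings
```

Run over exported event text, this separates requests where the client sent no usable identity (first event) from requests where a named user was sent but mapped to Guest (second event).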