Certificate Authority – RADIUS/WPA

radiuswpa

We have a problem with our Certificate Authority, it deletes its own Computer Certificate day-by-day. I implement a WPA wireless security via RADIUS standard with using that computer. So everyday I have to renew computer certificate. When I check Event viewer, three logs are shown as :

Source : IAS Event ID : 3

Access request for user User1 was
discarded. Fully-Qualified-User-Name
= domain.com/Users/User1 NAS-IP-Address = 192.168.0.66
NAS-Identifier = Wireless
Called-Station-Identifier =
001d.45d3.4190
Calling-Station-Identifier =
0023.df15.1483 Client-Friendly-Name = Wireless Client-IP-Address =
192.168.0.66 NAS-Port-Type = Wireless – IEEE 802.11 NAS-Port = 5113 Proxy-Policy-Name = Use Windows
authentication for all users
Authentication-Provider = Windows
Authentication-Server =
Reason-Code = 23 Reason = Unexpected
error. Possible error in server or
client configuration.

Source : IAS Event ID : 20168

Could not retrieve the Remote Access
Server's certificate due to the
following error: Cannot find object or
property.

Source : IAS Event ID : 20168

Because no certificate has been
configured for clients dialing in with
EAP-TLS, a default certificate is
being sent to user Domain\User1.
Please go to the user's Remote Access
Policy and configure the Extensible
Authentication Protocol (EAP).

What could cause the problem?

Best Answer

It works. Any argument ?

most likely the certificate is deleted by some application. Sometimes the certificate is not deleted, but rather archived. To verify, please run certmgr.msc and open the certificate snap-in. Then click Certificates->View->Options and select Archive Certificates. the certificates show up again.

It could be the Live Sync program that deletes/archive the certificate. To verify, please try not to use the program on the machine and monitor if the certificate gets deleted/archived. I also found that the software FolderShare can also cause this kind of problem. If you have this software installed, please remove or disabled this software. Thank you.

To troubleshot it, I recommend we operate a clean boot the problematic machine and check it again.

To perform a clean boot, please follow these steps.

  1. Type MSCONFIG to open system configuration console.

  2. Go to Services tab, click the option to hide all Microsoft Services and then click the Disable All button.

  3. Go to Startup tab, click the Disable All button.

  4. Restart the computer.

Related Topic