| FenderAxe 2006-09-21, 7:29 pm |
| =?Utf-8?B?U2NvdHRH?= <ScottG@discussions.microsoft.com> wrote in
news:7697E9A0-62A7-4026-87C7-B8C76AF016E7@microsoft.com:
> Hello --
>
> I have been working to deploy a test environment using certificate
> services as outlined in
>
> Microsoft Solutions for Security: Security Wireless LANs with
> Certificate Services
>
> I run into the following error message on the radius server
>
> Event Type: Warning
> Event Source: IAS
> Event Category: None
> Event ID: 2
> Date: 9/19/2006
> Time: 7:38:02 AM
> User: N/A
> Computer: SERVER1
> Description:
> User scott@test.corp was denied access.
> Fully-Qualified-User-Name = TEST\scott
> NAS-IP-Address = 192.168.255.100
> NAS-Identifier = <not present>
> Called-Station-Identifier = 00-14-C2-A5-6C-C1:test8021x
> Calling-Station-Identifier = 00-13-02-61-29-AC
> Client-Friendly-Name = 192.168.255.100
> Client-IP-Address = 192.168.255.100
> NAS-Port-Type = Wireless - IEEE 802.11
> NAS-Port = 1
> Proxy-Policy-Name = Use Windows authentication for all users
> Authentication-Provider = Windows
> Authentication-Server = <undetermined>
> Policy-Name = Allow Wireless Access
> Authentication-Type = EAP
> EAP-Type = Smart Card or other certificate
> Reason-Code = 287
> Reason = A certificate chain could not be built to a trusted root
> authority.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
> Data:
> 0000: 0a 01 0b 80 ...?
>
>
>
> Can anyone shed light on the solution?
>
> Thanks in advance.
Looks like the CA cert is not in the Trusted Root certification Authorities
certstore on the client computer, or if there is a cert there it is messed
up somehow.
If it exists, delete it and then connecting the laptop with a WIRED
connection and log on -- that refreshed GP and get a CA cert 4 u.
After u get the cert unplug and try wireless logon.
FA
|