Re: Domain Controllers and third Party certificates
From: Susan Way (sway_at_fhcrc.org)
Date: 02/29/04
- Previous message: S. Pidgorny
: "Re: Unix/Linux Kerberos authentication to AD 2003" - In reply to: S. Pidgorny
: "Re: Domain Controllers and third Party certificates" - Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 28 Feb 2004 15:15:22 -0800
Here are the error messages from the event log - it seems to think there
are no certificates configured for EAP but in fact they are - with the same
configuration & certificates this setup works on a member server but
produces these errors on a domain controller. I have replaced the domain
name & user name with domain\user.
Error log
2/25/2004 2:22:50 PM IAS Information None 20190 N/A WALC01 Because no
certificate has been configured for clients dialing in with EAP-TLS, a
default certificate is being sent to user domain\user
Please go to the user's Remote Access Policy and configure the Extensible
Authentication Protocol (EAP).
2/25/2004 2:22:37 PM IAS Error None 3 N/A WALC01 Access request for user
domain\user was discarded.
Fully-Qualified-User-Name = <undetermined>
NAS-IP-Address = 140.107.249.15
NAS-Identifier = la-scca-test-ap
Called-Station-Identifier = 0040.96a0.b93d
Calling-Station-Identifier = 0090.4b62.bd0e
Client-Friendly-Name = la-scca-test-ap
Client-IP-Address = 140.107.249.15
NAS-Port-Type = Wireless - IEEE 802.11
NAS-Port = 281
Proxy-Policy-Name = <none>
Authentication-Provider = <undetermined>
Authentication-Server = <undetermined>
Reason-Code = 1
Reason = An internal error occurred. Check the system event log for
additional information.
2/25/2004 2:22:37 PM IAS Error None 20168 N/A WALC01 Could not retrieve the
Remote Access Server's certificate due to the following error: No
credentials are available in the security package
Thanks for your help.
Susan
"S. Pidgorny <MVP>" <slavickp@yahoo.com> wrote in message
news:enskIOc$DHA.4080@TK2MSFTNGP09.phx.gbl...
> "The certificate fails" requires some elaboration - error messages,
> certificate DN, etc. In my experience working with 1x authentication, the
> error messages are self-explanatory.
>
> --
> Svyatoslav Pidgorny, MVP, MCSE
> -= F1 is the key =-
>
> "Susan Way" <susanw@crab.org> wrote in message
> news:eCxfiGW$DHA.3188@TK2MSFTNGP09.phx.gbl...
> > Does anyone know if there are issues or special install instructions for
> > installing third party certificates on Domain Controllers?
> >
> > We have an Active Directory 2003 domain - IAS installed on the DCs -
works
> > for the VPN with no problems.
> >
> > We installed server 3rd party certificates for wireless authentication -
> the
> > certificate fails. If we install IAS and the certificates on a member
> server
> > running 2003 no problems - they work.
> >
> > It maybe that some setting on the domain controllers policy is causing
the
> > problem? They are set at the defaults.
> >
> > Anyone seen this before?
> >
> > Thanks
> > Susan
> >
> > sway@fhcrc.org
> >
> >
>
>
- Previous message: S. Pidgorny
: "Re: Unix/Linux Kerberos authentication to AD 2003" - In reply to: S. Pidgorny
: "Re: Domain Controllers and third Party certificates" - Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
