Z
Zarlyk
I have AD with domain xy.com for historical reason (real domain are replaced with XY and XYZ) but due to organization name change we got xyz.com domain and we are using for website and we want to use it for international wifi roaming.
Also we are not holder of xy.com domain
locally we are still using xy.com domain in AD because many internal services are integrated with it and in use.
We are planning to migrate to new domain in the future fully.
For now i need to authenticate wifi users with xyz.com domain (we don't have any problem authenticating users wit xy.com domain)
To do this i used realm replace. But i am now having error :
Reason Code: 16
Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.
HOW this problem can be solved ?
log shows that realm replace is working fine:
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: XY\user1
Account Name: user1@xy.com
Account Domain: XY
Fully Qualified Account Name: XY\user1
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 64-70-02-91-F8-AA:eduroam2
Calling Station Identifier: 84-38-38-25-53-46
NAS:
NAS IPv4 Address: 172.16.0.1
NAS IPv6 Address: -
NAS Identifier: -
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 0
RADIUS Client:
Client Friendly Name: eduroam-AP1
Client IP Address: 10.100.0.10
Authentication Details:
Connection Request Policy Name: xyz eduroam users
Network Policy Name: 802Xadmin
Authentication Provider: Windows
Authentication Server: ad1.xyz.com
Authentication Type: PEAP
EAP Type: Microsoft: Secured password (EAP-MSCHAP v2)
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 16
Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.
Thanks in advance.
Continue reading...
Also we are not holder of xy.com domain
locally we are still using xy.com domain in AD because many internal services are integrated with it and in use.
We are planning to migrate to new domain in the future fully.
For now i need to authenticate wifi users with xyz.com domain (we don't have any problem authenticating users wit xy.com domain)
To do this i used realm replace. But i am now having error :
Reason Code: 16
Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.
HOW this problem can be solved ?
log shows that realm replace is working fine:
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: XY\user1
Account Name: user1@xy.com
Account Domain: XY
Fully Qualified Account Name: XY\user1
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 64-70-02-91-F8-AA:eduroam2
Calling Station Identifier: 84-38-38-25-53-46
NAS:
NAS IPv4 Address: 172.16.0.1
NAS IPv6 Address: -
NAS Identifier: -
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 0
RADIUS Client:
Client Friendly Name: eduroam-AP1
Client IP Address: 10.100.0.10
Authentication Details:
Connection Request Policy Name: xyz eduroam users
Network Policy Name: 802Xadmin
Authentication Provider: Windows
Authentication Server: ad1.xyz.com
Authentication Type: PEAP
EAP Type: Microsoft: Secured password (EAP-MSCHAP v2)
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 16
Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.
Thanks in advance.
Continue reading...