Mimmus
2008-03-07 11:34:12 UTC
Hi,
I'm using IAS to authenticate Windows XP machines to my wireless network by
802.1x.
I set up host-only authentication by registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\EAPOL\Parameters\General\Global\AuthMode= 2and by a policy on the IAS server to permit network access only to domaincomputers.It normally works but sometime for some hosts (for instance, belonging to atrusted domain but not only) I get following error:#############################################################Event Type: WarningEvent Source: IASEvent Category: NoneEvent ID: 2Date: 07/03/2008Time: 12.22.45User: N/AComputer: QUESTORE4Description:User host/pd-machine.domain.com was denied access. Fully-Qualified-User-Name = PITAGORA\host/pd-machine.domain.com NAS-IP-Address = 10.101.1.69 NAS-Identifier = ap2 Called-Station-Identifier = 001c2e420565 Calling-Station-Identifier = 0013e8d942e9 Client-Friendly-Name = ap2 Client-IP-Address = 10.101.1.69 NAS-Port-Type = Wireless - IEEE 802.11 NAS-Port = 0 Proxy-Policy-Name = Use Windows authentication for all users Authentication-Provider = Windows Authentication-Server = <undetermined> Policy-Name = <undetermined> Authentication-Type = EAP EAP-Type = <undetermined> Reason-Code = 8 Reason = The specified user account does not exist.#############################################################and access is denied.Why hostname is "PITAGORA\host/pd-machine.domain.com" instead of"host/pd-machine.domain.com"??Thanks in advance--Mimmus
I'm using IAS to authenticate Windows XP machines to my wireless network by
802.1x.
I set up host-only authentication by registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\EAPOL\Parameters\General\Global\AuthMode= 2and by a policy on the IAS server to permit network access only to domaincomputers.It normally works but sometime for some hosts (for instance, belonging to atrusted domain but not only) I get following error:#############################################################Event Type: WarningEvent Source: IASEvent Category: NoneEvent ID: 2Date: 07/03/2008Time: 12.22.45User: N/AComputer: QUESTORE4Description:User host/pd-machine.domain.com was denied access. Fully-Qualified-User-Name = PITAGORA\host/pd-machine.domain.com NAS-IP-Address = 10.101.1.69 NAS-Identifier = ap2 Called-Station-Identifier = 001c2e420565 Calling-Station-Identifier = 0013e8d942e9 Client-Friendly-Name = ap2 Client-IP-Address = 10.101.1.69 NAS-Port-Type = Wireless - IEEE 802.11 NAS-Port = 0 Proxy-Policy-Name = Use Windows authentication for all users Authentication-Provider = Windows Authentication-Server = <undetermined> Policy-Name = <undetermined> Authentication-Type = EAP EAP-Type = <undetermined> Reason-Code = 8 Reason = The specified user account does not exist.#############################################################and access is denied.Why hostname is "PITAGORA\host/pd-machine.domain.com" instead of"host/pd-machine.domain.com"??Thanks in advance--Mimmus