Sydney Windows Infrastructure User Group - WXP 802.1x PEAP MS-CHAP-V2 and W2K SP4 Server

Welcome to Sydney Windows Infrastructure User Group Sign in | Join | Help

Home

Blogs

Forums

Sydney Windows Infrastructure ... » Microsoft » Active Directory » WXP 802.1x PEAP MS-CHAP-V2 and W2K SP4 Server

WXP 802.1x PEAP MS-CHAP-V2 and W2K SP4 Server

Last post 10-10-2006, 12:14 PM by r0ssc0. 1 replies.


	Sort Posts: Previous Next

09-29-2006, 8:29 PM 92

r0ssc0
Joined on 09-29-2006
Posts 2

WXP 802.1x PEAP MS-CHAP-V2 and W2K SP4 Server

I have configured the wireless client WPA-TKIP with 802.1x PEAP MS-CAHP-V2 and Server Certificate and IAS on W2K and I can authenticate with user credentials fine, but when I enforce machine authentication on the client. The event log sees the computer authentication request but it is denied. Resultant message: the computer does not have dial-in permission. So I go to the AD>admin>domain computers and there is no dial-in tab in the computer properties. I look on the M$ web site and it confirms that there should be a dial-in tab in the computer properties in W2K and W2K3. I have not installed the rollup patch for SP4 for which the doco has no reference to this problem.

Can anyone help...

202.172.159.253
Report abuse

10-10-2006, 12:14 PM 101 in reply to 92

r0ssc0
Joined on 09-29-2006
Posts 2

Re: WXP 802.1x PEAP MS-CHAP-V2 and W2K SP4 Server

After a bit of research and some further testing I have found the answer. The Dial-in Tab in computer properties is not part of wk2 AD so I needed to upgrade the schema to w2k3 Secema using adprep.exe. Now machine authentication is working. The same configuration supports WPA2 AES if you install the wxp patch for wpa2.

202.172.159.253
Report abuse

Powered by Community Server, by Telligent Systems