Hello All..
Sorry... So this is a windows problem, but there are some wicked smart guys on here and there is a 7210 involved so here goes.
I have encountered a very aggravating problem with deploying a NPS server to handle hardware login. The controller is acting exactly as it should (communicating with the NPS). NPS is also behaving like it should (detailed logging). Nevertheless auth keeps failing.The reason code I keep getting is 65. This indicates the user account in AD is set to deny access. Seems like an easy fix right? When I finally get to view the account in question it is not set to "deny access" it is in fact set to "allow radius to grant access". Upon some further digging (google) i discover the "ignore user dial in properties" tick box, so NPS wont even check the access settings. This didn't resolve the problem.
Next I discover the user is hitting one of the generic windows polices. I have the configured policy at the top and the value is set to 1. The other policies aren't configured so im not sure why it it triggering those policies. If i disable all policies except the one I configured i get a new error of no policy to handle request.
*The policy has all of the required groups added for authentication.
Has anyone encountered anything similar? Since the error code is 100% incorrect im not sure where to look next.
#7210