We just rolled out a pretty large Aruba implementation yesterday. We're having issues with certain Windows clients using cached credentials for authentication to our corporate network. Here is how we're setting clients up:
1. Create new wireless profile
2. Use WPA2-Enterprise secuirty
3. Don't validate the server cert
4. Forcing user auth versus computer or the "Computer or user" option
5. Telling Windows to use cached credentials (under the MSCHAP config)
We're running a 2k8 R2 NPS server to handle the .1x requests.
This worked awesome for our test group. Everyone connected up right away without being prompted for credentials or anything like that. Then we went to roll it out to everyone else....
About 1:4 people are being re-prompted for credentials, stating that their credentials (cached) are incorrect. This is not a stale cache issue as I had someone wire into the network and reboot. They had zero issues signing into their laptop and were prompted again once their wireless came up. Entering their credentials into the prompt just causes another failure. We're having people get locked out left at right because of this. There is a work around which is to specify the credentials to use under wireless profile properties -> security tab -> advanced settings. This for some reason has no issue connecting but will create quite the headache every month when passwords expire.
I was in the test group and was able to connect fine following the steps above until I started trying to reproduce the problem. I went into the profile properties and told it not to remember my credentials and rebooted. After doing so, the only way I can connect is to enter my credentials manually like mentioned above.
Any one have any ideas on what could be causing Windows to pass the wrong credentials? I've been fighting this all day and have come up empty handed.