Wireless Access

last person joined: an hour ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

After win 7 update (SP1) users can not do authentication with AD

Jump to Best Answer
  • 1.  After win 7 update (SP1) users can not do authentication with AD

    Posted Dec 12, 2011 06:34 AM

    Hi All

    after windows 7 updated (service pack 1 ) (with too many security updates) the user cannot get authentication with Active Directory. they can get authenticate if they remove all the updates.

    no one can access the SSID if he has win 7 updates 

    can someone help

    Regards,

    

    



  • 2.  RE: After win 7 update (SP1) users can not do authentication with AD

    Posted Dec 12, 2011 06:50 AM

    What kind of encryption are you using on your SSID? WPA2-AES? Is this an open SSID with a Captive Portal?

     

    Does the client see the SSID?



  • 3.  RE: After win 7 update (SP1) users can not do authentication with AD

    Posted Dec 12, 2011 11:06 PM

    Network Authentication: WPA

    Encryption:TKIP

    SSID is not open and user can see it.

     



  • 4.  RE: After win 7 update (SP1) users can not do authentication with AD

    Posted Dec 13, 2011 12:53 AM

    Can you provide an output of "show auth-tracebuf" after the authentication has failed?  This will show us more info about what is failing in the 802.1X messages between client, controller and radius server.

     

    -michael

     

     



  • 5.  RE: After win 7 update (SP1) users can not do authentication with AD

    Posted Dec 13, 2011 03:02 AM
      |   view attached

    please see the attached file

    Attachment(s)

    pdf
    ARUBA.pdf   11K 1 version


  • 6.  RE: After win 7 update (SP1) users can not do authentication with AD

    Posted Dec 13, 2011 03:50 AM

    On the Wireless Profile of the client, try unchecking "Validate Server Certificate"



  • 7.  RE: After win 7 update (SP1) users can not do authentication with AD

    Posted Dec 13, 2011 04:57 AM

    It is already unchecked



  • 8.  RE: After win 7 update (SP1) users can not do authentication with AD

    Posted Dec 13, 2011 05:04 AM

    It looks like you have termination enabled.  If that IAS server has a certificate already, you should try disabling termination on the Aruba controller.

     



  • 9.  RE: After win 7 update (SP1) users can not do authentication with AD

    Posted Dec 13, 2011 05:18 AM

    How i can disabling termination on the Aruba controller? can you please write the path



  • 10.  RE: After win 7 update (SP1) users can not do authentication with AD

    Posted Dec 13, 2011 05:31 AM

    It would be in the 802.1x profile.  Configuration> Security> authentication> L2 Authentication> 802.1x profile.  Chose your 802.1x profile and uncheck termination.

     



  • 11.  RE: After win 7 update (SP1) users can not do authentication with AD
    Best Answer

    Posted Dec 13, 2011 05:37 AM

    Thank you it is OK now

    after i did the below steps

    Configuration -- security -- authentication-- L2 authentication-- 802.1x authentication -- staff SSID-- basic-- termination (unchecked and save the configuration then recheck it again and save the configuration)