Hello!
I have for some time now experienced a problem with our Active-Directory controlled VSC.
It seems that only some of our users are able to authenticate and others recieve a reject.
The VSC is access-controlled and ive added the appropiate-groups aswell ass added the default AC group.
"Feb 11 13:55:01 debug iprulesmgr Sending RADIUS Access Reject (id='4') to RADIUS Client (ip-address='169.254.0.4',port='33183').
Feb 11 13:55:01 info iprulesmgr Refusing session for user (nas-port='7',name='domain\username',calling-station-id='00-23-14-8D-21-B4',framed-ip-address='0.0.0.0')."
This is one of the entries i can see being logged in the MSM-log after activating extra Radius/ad-debug.
The wierd thing is that some of our users are able to authenticate to this AD-authenticated VSC but some of them can't
from what i can see this is alos logged on the DC when one of the users getting rejected tries to connect :
The computer attempted to validate the credentials for an account.
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon Account: User.account
Source Workstation: \\MSM710
Error Code: 0xc000006a
Our current setup is (only listed the relevant servers) : 1 DC (2008r2) ,
Network is 1 VLAN, 2 subnets connected through an IPSEC-tunnel ('ve checked the firewall nothing being blocket there its full access between these subnets)
1: MSM710
2:MSM 430
1: MSM 310
So to clarify we are not using a RADIUS-Server just the built in "Remote > Active Directory authentication"
P.S usernames and domain have been swapped for privacy reasons
Any help in this matter would be greatly appreciated
Cheers
Joakim
:UPDATE:
Looking at the logs from the DC the only difference i can see between a failed authentication and one that succeeded is that the ones able to authenticate has its own laptop as Souce Workstation: laptopnamexxx
While the ones failing comes from Source Workstation: \\MSM710
example below:
Failed authenticated:
The computer attempted to validate the credentials for an account.
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon Account: user.name
Source Workstation: \\MSM710
Error Code: 0xc000006a
Successfully authenticated:
The computer attempted to validate the credentials for an account.
Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon Account: user.name2
Source Workstation: computername-xxx
Error Code: 0x0
P.S. This thread has beenmoved from Communications, Wireless (Legacy ITRC forum) to MSM Series. - Hp Forum Moderator
#msm710#auth#login#msm#Active-Directory#Radius#710#ActiveDirectory#AD