Hey All
New here.
So, let's get into it.
We have a:
- Trusted CA
- a subordinate CA
- a Server 2016 NPS server
- and WPA2 Enterprise security on our wireless.
We are using computer certificates to authenticate the PC and allow wifi access. GPO pushing wifi authentication settings (no auto connect)
So, to give a quick description of the issue we're seeing. Its only happening to some users, and not to others:
On my computer - everything works as expected. I get a cert, I can connect. I delete the cert, I can no longer connect. Cool.
On my colleagues computer with the same GPO, and a requested computer certificate - he is prompted for a certificate and a username. The simple certificate list does not show his computer certificate at all (It does show user-certificates, not to mention it shouldnt prompt for a username)
All I see on the local machine for failures in event log for one of these impacted users is: 6105 - deauth after EAPOL key exchange sequence
I see the same error if I delete my certificate and try to authenticate.
When the impacted user tries to authenticate, I see nothing on the NPS logs.
At a bit of a loss here and would appreciate any help.
Here's some pics of my settings (Network policy and GPO Settings): https://imgur.com/a/5uGZ4yY