IAS not authenticating Mac OS X

Discussion in 'Windows Server' started by Kenneth Wong, Mar 30, 2009.

  1. Kenneth Wong

    Kenneth Wong Guest

    Hello,

    I am having problems adding my Macintosh systems to my WPA2 Enterprise
    wireless system. I am using IAS on Server 2003 to handle the authentication
    and encyrption. The system works fine with my Windows systems but I have a
    Mac that will not authenticate.

    The Mac is running OS X v10.4.11 and I am using Server 2003 STD SP2 with
    IAS. IIS and CA have been installed on the server.

    This is what I have done so far:

    1. Joined the Mac to the domain.
    2. Created a new 802.1x connection in Internet Connections control panel
    with the same user credentials used to join the domain.
    3. Created a certificate for the user and added it to the x509 connector in
    Keychain.

    The Mac failed to authicate to the RADUIS server and produced the following
    error:

    Access request for user Domain_Name\User_Name was discarded.
    Fully-Qualified-User-Name = User_Name
    NAS-IP-Address = IP_Address
    NAS-Identifier = Not_present
    Called-Station-Identifier = Identifier
    Calling-Station-Identifier = Identifier
    Client-Friendly-Name = Client_Name
    Client-IP-Address = Client_IP_Address
    NAS-Port-Type = Port_Type
    NAS-Port = Port_Number
    Proxy-Policy-Name = Use Windows authentication for all users
    Authentication-Provider = Windows
    Authentication-Server = Undetermined
    Reason-Code = 5
    Reason = The user account domain cannot be accessed.

    I did some research on this issue and applied hotfix KB946813 which MS says
    addresses this issue, but the system still fails to authenticate.

    It's clear that I have misconfigured something. Can someone please help me
    out?

    Thanks.
     
    Kenneth Wong, Mar 30, 2009
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.