Hello, I have a Windows NPS EAP-TLS policy configured, however my test user is receiving this error. I am not 100% sure that the authenticating client actually has a local certificate. Do the following NPS logs confirm that a client certificate has been presented for authentication or could this error simply mean that client certificate has been presented ?
Are there any logs within NPS that would show what certificate was presented for authentication via EAP-TLS ?
Thank you.
Authentication Details:
Connection Request Policy Name:CR-ZoneDirector
Network Policy Name:NP-DOMAIN-BYOD-Wifi-EAP_TLS
Authentication Provider:Windows
Authentication Server:DAKLRAD1.domain.forest
Authentication Type:EAP
EAP Type:
Microsoft: Smart Card or other certificate
Account Session Identifier:-
Logging Results:Accounting information was written to the local log file.
Reason Code:
287
Reason:
A certificate chain could not be built to a trusted root authority.************