I have been using server 2008 R2 for NPS using 802.1x for about a year or so with my windows clients and it has been working perfectly. Recently however my mac clients cannot authenticate successfully. They get the error posted below. I cant find the eap log file or at least I dont know what the name of it is. All my Windows clients still work fine, just the couple mac clients cant authenticate even though they have been working fine up until very recently.
Network Policy Server denied access to a user.Contact the Network Policy Server administrator for more information.
User:
Security ID: DOMAIN\username
Account Name: username
Account Domain:DOMAIN
Fully Qualified Account Name:DOMAIN\username
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name:-
OS-Version: -
Called Station Identifier:000B866D50A0
Calling Station Identifier:F0B47923378A
NAS:
NAS IPv4 Address:172.20.XX.XX
NAS IPv6 Address:-
NAS Identifier:172.20.XX.XX
NAS Port-Type:Wireless - IEEE 802.11
NAS Port: 7
RADIUS Client:
Client Friendly Name:Aruba-Master
Client IP Address:172.20.XX.XX
Authentication Details:
Connection Request Policy Name:Secure Wireless Connections
Network Policy Name:Secure Wireless Connections
Authentication Provider:Windows
Authentication Server:RADIUS.domain.lan
Authentication Type:PEAP
EAP Type: -
Account Session Identifier:-
Logging Results:Accounting information was written to the local log file.
Reason Code: 23
Reason: An error occurred during the Network Policy Server use of the Extensible Authentication Protocol (EAP). Check EAP log files for EAP errors.