Hi all,
If I have the following scenario for a WPA2/TLS environment:
Forest A
--Domain A
-----User = DOMAINA\QW12345
--Domain B
-----User = DOMAINB\QW12345
When a wireless connection is established using TLS, the users in both domains present their fully qualified user names, including the domain.
Even though DOMAINB\QW12345 supplies the domain as being "B" when it connects, the NPS server uses a user account from its own domain "A", which is identical to the one in B.
As a result, instead of authenticating the user B\QW12345, it uses A\QW12345, which is a completely different user.
This behavior only occurs on users that have identical sAMAccountNames in both domains.
Has anybody ever seen this?
TIA
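
To see which accounts could be affected by the name collision described in the post above, the following added example (not part of the original post, and not a fix for the NPS behavior) lists every sAMAccountName that exists in more than one domain of the forest. It assumes the ActiveDirectory PowerShell module (RSAT) and read access to each domain.

```powershell
# Added example (not from the original post): report sAMAccountNames that
# exist in more than one domain of the current forest.
# Assumes the ActiveDirectory module (RSAT) and read access to every domain.
Import-Module ActiveDirectory

$forest = Get-ADForest

# Collect every user from every domain, tagging each with its domain.
$users = foreach ($domain in $forest.Domains) {
    Get-ADUser -Filter * -Server $domain | ForEach-Object {
        [pscustomobject]@{
            Domain            = $domain
            SamAccountName    = $_.SamAccountName
            UserPrincipalName = $_.UserPrincipalName
            Enabled           = $_.Enabled
        }
    }
}

# sAMAccountName is unique inside one domain, so a group of more than one
# entry means the same name exists in at least two domains.
# Group-Object compares strings case-insensitively by default.
$collisions = $users |
    Group-Object -Property SamAccountName |
    Where-Object { $_.Count -gt 1 }

foreach ($c in $collisions) {
    [pscustomobject]@{
        SamAccountName = $c.Name
        Domains        = ($c.Group.Domain | Sort-Object) -join ', '
        UPNs           = ($c.Group.UserPrincipalName | Where-Object { $_ }) -join ', '
    }
}
```

Built-in accounts such as Administrator, Guest and krbtgt exist in every domain and will always appear in the output.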