I have a test lab:
- Use a Cisco switch (2960 series, IOS 12.2(44), IP address: 192.168.0.1) to connect to the RADIUS server (also the Domain Controller, running Windows Server 2008 R2, IP address: 192.168.0.2)
- When a computer plugs into the switch:
  - only domain computers are allowed
  - use computer-account-based authentication with certificates
  - put healthy clients into VLAN100
  - put unhealthy clients into VLAN999
What I did:
- On the Windows server:
  - Install the "Network Policy and Access Service" role (only select the Network Policy Server sub-role)
  - Go to the Network Policy Server console, then click the Configure NAP link
  - Follow the wizard with options like this: IEEE 802.1x (wired) -> Create a RADIUS client with IP address 192.168.0.1 and shared key 123 -> Didn't fill in anything in Machine Groups and User Groups -> Use Smart Card or other certificate.... (not Secure password) in EAP types -> Configure RADIUS attributes for "Full access network" and "Restricted access network" (see image h.t.t.p://pik.vn/20142b537bed-e911-4bb7-b2be-cb316f2d6254.png) -> Next until the end of the wizard.
On the switch, I did:
- aaa new-model
- aaa authentication dot1x method1 group radius
- dot1x system-auth-control
- aaa authorization network autholist1 group radius
- radius-server host 192.168.0.2
- radius-server key 123
- interface fast 0/24
  - switchport mode access
  - dot1x port-control auto
This is the result:
- The port FastEthernet 0/24 on the switch is always orange, and the VLAN ID does not change; it still stays in VLAN1
- Nothing has been written in the log of the Network Policy and Access Services role
- When I turn on "debug dot1x all" on the switch, I could read something like this: h.t.t.p://pik.vn/2014290fe010-4548-4068-979a-f35c72ced35d.png
Can someone tell me what I have to do to resolve this problem? Or can someone give me a good tutorial that teaches how to set up a Cisco switch to use NAP on Windows Server 2008 R2 to control VLANs? I have read many tutorials from Cisco and Microsoft but still with no success, because it's the first time I have worked with NAP.
Thanks in advance!
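
An added example, not part of the original post: a small Python check that audits the switch commands listed above against the `default` method-list form that Cisco's Catalyst 2960 802.1X documentation uses for `aaa authentication dot1x` and `aaa authorization network`, and against a minimum RADIUS shared-key length. The function name `audit_dot1x` and the `MIN_KEY_LEN` threshold are assumptions made for this illustration.

```python
import re

# The switch commands exactly as listed in the post.
POSTED_CONFIG = """\
aaa new-model
aaa authentication dot1x method1 group radius
dot1x system-auth-control
aaa authorization network autholist1 group radius
radius-server host 192.168.0.2
radius-server key 123
interface fast 0/24
switchport mode access
dot1x port-control auto
"""
MIN_KEY_LEN = 16  # assumption: local policy for shared-secret length

def audit_dot1x(config):
    """Return a list of findings for a flat list of IOS 802.1X/RADIUS commands."""
    lines = [l.strip() for l in config.splitlines() if l.strip()]
    findings = []

    def first(pattern):
        # First line that fully matches the pattern, or None.
        return next((m for l in lines if (m := re.fullmatch(pattern, l))), None)

    for required in ("aaa new-model", "dot1x system-auth-control"):
        if required not in lines:
            findings.append(f"missing: {required}")
    # Cisco's 2960 guide documents both method lists with the 'default' keyword.
    for kind in ("authentication dot1x", "authorization network"):
        m = first(rf"aaa {kind} (\S+) group radius")
        if m is None:
            findings.append(f"missing: aaa {kind} default group radius")
        elif m.group(1) != "default":
            findings.append(f"aaa {kind}: named list '{m.group(1)}' instead of 'default'")
    if first(r"radius-server host \S+.*") is None:
        findings.append("missing: radius-server host")
    key = first(r"radius-server key (\S+)")  # cleartext form only
    if key is None:
        findings.append("missing: radius-server key")
    elif len(key.group(1)) < MIN_KEY_LEN:
        findings.append(f"radius-server key shorter than {MIN_KEY_LEN} characters")
    if "dot1x port-control auto" not in lines:
        findings.append("missing: dot1x port-control auto on the access port")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_dot1x(POSTED_CONFIG)))
```

Run against the posted commands, it reports the two named method lists (`method1`, `autholist1`) and the three-character shared key.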