HiI need some help with my setup for wired network802.1x authenticationwith one stand alone windows 2003 CA server and 2 subordinate windows 2003 servers i different domains. There is a two way trust between the domains. I got a Windows 2008 R2 NPS installed in domain A. Two different policies setup on the NPS with different VLAN depending on which domain and group the computer belong to. The AD is in Win2003 Native mode.With domain A where the Win2008 R2 NPS is installed there is no problem for the computers that belong to domain A to authenticate with the computer certificate and get the right VLAN. But for the computer whichs belongs to domain B it doesn't work. I have checked the certificate chain for both the domains and the lead up to the stand alone CA server. Do I need to make som sort of cross certificate trust or is something else that I have missed.Regards Ulf Mansson MCT, MCSE www.lumagate.com

Hi, Please use "certutil ca.chain" to verify the CA on both Forests and let us know the detailed NPS server certificate information. This issue may also be caused by NPS settings. Please help to collect more information for troubleshooting. 1. Did you follow any NPS deployment guide to setup your NPS server? If so, please let us know the link of the guide. 2. If no, please let us the detailed steps you configured the NPS server. 3. Try to change the order and disable one NPS policy to test. Is there any progress? 4. If not, please refer to the article below to collect: a. Tracing log on a server running NPS b. NAP event trace log files on a client computer c. NAP server trace log files on a server running NPS Log files http://technet.microsoft.com/en-us/library/dd348461(WS.10).aspx#logfiles Thanks. This posting is provided "AS IS" with no warranties, and confers no rights.