We have a problem going on here that Im having a hard time putting my finger on. We have a bunch of wireless clients that we connect to our wireless network via PEAP with a machine certificate that is issued through GP Certificate Autoenrollemnt. For the most part this works great. However, we have been having some issues where the certificate goes missing and will not connect to the network. So we connect them to a different network with a WPAv2 key (no certs) and try to relogin. When we try to relogin we then get an error stating that the Trust Relationship could not be established between the workation and domain. Also, I have tried to re-import the machine certificate, but it goes into the users's personal cert store which doesnt work. Im not sure which is causing which - ie. breaking trust making the cert disappear or the cert disappearing is breaking trust. Ive tested this out on a wired system and if I delete the cert and reboot it is still able to login fine. So, Im leaning towards the former. Once we get one of those trust relationship errors we have to remove it from AD, disjoin the domain and rejoin, then its fine. But, we have over 2200 workstations and this seems to be happening more frequently than it should. Id appreciate any information anybody can throw my way on this. This is getting to be a real annoyance around here. Thanks.

Hello, I think it will be better to ask them here: http://social.technet.microsoft.com/Forums/en-US/winserversecurity/threads This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer

Hello, I think it will be better to ask them here: http://social.technet.microsoft.com/Forums/en-US/winserversecurity/threads This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner 2010 / 2011 Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration Microsoft Certified Technology Specialist: Windows 7, Configuring Microsoft Certified IT Professional: Enterprise Administrator Microsoft Certified IT Professional: Server Administrator Microsoft Certified Trainer