We're in the midst of relocating our RADIUS role from a 2003 DC to a 2008 R2 member server.
The following features have been installed and configured:
- Network Policy Server
- Routing and Remote Access Services
- Remote Access Service
- Routing
All policies have been recreated identically to the previous ones and the server has been registered in AD DS.
When attempting to connect to the RADIUS server I receive the following event:
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
User:
Security ID: NULL SID
Account Name: test
Account Domain: DOMAIN
Fully Qualified Account Name: DOMAIN\test
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: -
Calling Station Identifier: -
NAS:
NAS IPv4 Address: x.x.x.x
NAS IPv6 Address: -
NAS Identifier:
NAS Port-Type: -
NAS Port: 1
RADIUS Client:
Client Friendly Name: server.fqdn
Client IP Address: x.x.x.x
Authentication Details:
Connection Request Policy Name: Use Windows authentication for all users
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: server.fqdn
Authentication Type: PAP
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 16
Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.
All credentials, shared secrets and authentication methods are correct. I have also checked Dial-Up properties in AD DS. Has anyone else experienced this issue?
Regards,
Ryan.