我有一个运行 NPS 的 Windows 2008 Std 服务器。应用最新一轮更新后(包括 2012 年 4 月的根证书 KB931125(参见: http: //support.microsoft.com/kb/933430/)),EAP 身份验证因格式错误而失败。
示例错误(安全/事件 ID 6273),为简洁起见被截断:
Authentication Details:
Proxy Policy Name: Use Windows authentication for all users
Network Policy Name: Wireless Access
Authentication Provider: Windows
Authentication Server: nps-host.corp.contoso.com
Authentication Type: PEAP
EAP Type: -
Account Session Identifier: -
Reason Code: 266
Reason: The message received was unexpected or badly formatted.
NPS 策略(无线访问)已相应配置(用于约束/身份验证方法)
EAP Types:
Microsoft: Protected EAP (PEAP) - with a valid certificate from ADCS
Microsoft: Secured password (EAP-MSCHAP v2)
Less secure authentication methods:
Microsoft Encrypted Authentication version 2 (MS-CHAP-v2)
User can change password after it has expired
Microsoft Encrypted Authentication (MS-CHAP)
User can change password after it has expired
我们已经在没有上述补丁的情况下测试了不同的 RADIUS 服务器,并删除了 EAP 作为身份验证类型并取得了成功。
还有其他人遇到过这个问题吗?