Re: IAS System Rights / IAS + Win2003 SP1

start / run / mmc / add/remove snapin / certificates / computer account
if you only see user account, log back on with local administrator's
privileges
double click certificates (local computer), go to personal, certificates
you should see you cert there
double click it
does it read you have a private key corresponding with the cert? if not
that's your problem
if yes, right click the cert & export it to a .cer file that you can post to
anyone

/T



"Jerry Cantrell" <jerry@xxxxxxxxx> wrote in message
news:O0rvvb2QFHA.1528@xxxxxxxxxxxxxxxxxxxxxxx
> How can I get you that?
>
> One thing that troubles me... I generated the Cert request with IIS
> manager, and lodged through verisign, and gave a challenge phrase at the
> verisign website. When the cert arrived, I imported direct into computer's
> store. Usually I'd get asked for the challenge phrase, but not with this
> certificate. Or am I just forgetting the process?
>
>
> regards,
> jerry.
>
>
> "Thomas K" <thomas@xxxxxxxxx> wrote in message
> news:42627eec$0$44108$5fc3050@xxxxxxxxxxxxxxxxxxxxxxxxxxx
>> Please post your certificate (without the private key)
>>
>> /T
>>
>> "Jerry Cantrell" <jerry@xxxxxxxxx> wrote in message
>> news:%23EZkAD1QFHA.3928@xxxxxxxxxxxxxxxxxxxxxxx
>>> Yep, checked that - it's all okay. I'm thinking the problem is buried
>>> more deeply within Windows.
>>>
>>> IAS Event logs with the failures include (see bottom).
>>>
>>> ccess request for user wtest was discarded.
>>>
>>> NAS-Port-Type = Wireless - IEEE 802.11
>>>
>>> NAS-Port = 754
>>>
>>> Proxy-Policy-Name = Use Windows authentication for all users
>>>
>>> Authentication-Provider = Windows
>>>
>>> Authentication-Server = <undetermined>
>>>
>>> Reason-Code = 300
>>>
>>> Reason = No credentials are available in the security package
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> "Thomas K" <thomas@xxxxxxxxx> wrote in message
>>> news:426200a5$0$44102$5fc3050@xxxxxxxxxxxxxxxxxxxxxxxxxxx
>>>> Check that the certificate you have received from verisign meets the
>>>> IAS requirements:
>>>> 1/ Launch ias.msc
>>>> 2/ Double click you remote access policy
>>>> 3/ Click "Edit profile" button
>>>> 4/ Go to "Authentication" Tab
>>>> 5/ Click "EAP Methods" button
>>>> 6/ Add "Protected EAP", OK
>>>> 7/ Edit
>>>>
>>>> Do you see your certificate listed there
>>>> - yes: reqs are met
>>>> - not: guess what :-)
>>>>
>>>> /T
>>>>
>>>> "Jerry Cantrell" <jerry@xxxxxxxxx> wrote in message
>>>> news:OtSXFYvQFHA.3704@xxxxxxxxxxxxxxxxxxxxxxx
>>>>> What system rights and user rights are required for IAS.? I'm trying
>>>>> to get to the bottom of the problem I'm having, and wondering if its a
>>>>> problem with 2003 SP1.
>>>>>
>>>>>> [2504] 14:38:05:175: No Cert Name. Guest access requested
>>>>>> [2504] 14:38:05:175: AcquireCredentialsHandle failed and returned
>>>>>> 0x8009030e
>>>>>
>>>>> Although the "No Cert Name" leads me to believe it's a problem with
>>>>> the certificate. The cert is registered correctly in the computers
>>>>> cert store and the PEAP config screen shows it okay.
>>>>>
>>>>> This IAS is running on 2003 SP1 slipstreamed install, with the
>>>>> firewall disabled, so its not possible to remove SP1 to see if thats
>>>>> causing this.
>>>>>
>>>>>
>>>>>
>>>>> jerry.
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>


.