Re: IAS System Rights / IAS + Win2003 SP1

How can I get you that?

One thing that troubles me... I generated the Cert request with IIS manager,
and lodged through verisign, and gave a challenge phrase at the verisign
website. When the cert arrived, I imported direct into computer's store.
Usually I'd get asked for the challenge phrase, but not with this
certificate. Or am I just forgetting the process?


regards,
jerry.


"Thomas K" <thomas@xxxxxxxxx> wrote in message
news:42627eec$0$44108$5fc3050@xxxxxxxxxxxxxxxxxxxxxxxxxxx
> Please post your certificate (without the private key)
>
> /T
>
> "Jerry Cantrell" <jerry@xxxxxxxxx> wrote in message
> news:%23EZkAD1QFHA.3928@xxxxxxxxxxxxxxxxxxxxxxx
>> Yep, checked that - it's all okay. I'm thinking the problem is buried
>> more deeply within Windows.
>>
>> IAS Event logs with the failures include (see bottom).
>>
>> ccess request for user wtest was discarded.
>>
>> NAS-Port-Type = Wireless - IEEE 802.11
>>
>> NAS-Port = 754
>>
>> Proxy-Policy-Name = Use Windows authentication for all users
>>
>> Authentication-Provider = Windows
>>
>> Authentication-Server = <undetermined>
>>
>> Reason-Code = 300
>>
>> Reason = No credentials are available in the security package
>>
>>
>>
>>
>>
>>
>>
>> "Thomas K" <thomas@xxxxxxxxx> wrote in message
>> news:426200a5$0$44102$5fc3050@xxxxxxxxxxxxxxxxxxxxxxxxxxx
>>> Check that the certificate you have received from verisign meets the IAS
>>> requirements:
>>> 1/ Launch ias.msc
>>> 2/ Double click you remote access policy
>>> 3/ Click "Edit profile" button
>>> 4/ Go to "Authentication" Tab
>>> 5/ Click "EAP Methods" button
>>> 6/ Add "Protected EAP", OK
>>> 7/ Edit
>>>
>>> Do you see your certificate listed there
>>> - yes: reqs are met
>>> - not: guess what :-)
>>>
>>> /T
>>>
>>> "Jerry Cantrell" <jerry@xxxxxxxxx> wrote in message
>>> news:OtSXFYvQFHA.3704@xxxxxxxxxxxxxxxxxxxxxxx
>>>> What system rights and user rights are required for IAS.? I'm trying
>>>> to get to the bottom of the problem I'm having, and wondering if its a
>>>> problem with 2003 SP1.
>>>>
>>>>> [2504] 14:38:05:175: No Cert Name. Guest access requested
>>>>> [2504] 14:38:05:175: AcquireCredentialsHandle failed and returned
>>>>> 0x8009030e
>>>>
>>>> Although the "No Cert Name" leads me to believe it's a problem with the
>>>> certificate. The cert is registered correctly in the computers cert
>>>> store and the PEAP config screen shows it okay.
>>>>
>>>> This IAS is running on 2003 SP1 slipstreamed install, with the firewall
>>>> disabled, so its not possible to remove SP1 to see if thats causing
>>>> this.
>>>>
>>>>
>>>>
>>>> jerry.
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>


.