hi,
ive a problem with some wlan-users and machine authentication. mostly users are pass machine auth but sometimes the login fails. in the auth.log are the following entries:
AUTH 25/10/2006 13:43:51 I 0897 2216 AuthenProcessResponse: process response for 'XXXX\yyyyyyyy'
AUTH 25/10/2006 13:43:51 I 1554 2216 pvAuthenticateUser: authenticate 'XXXX\yyyyyyyy' against Windows Database
AUTH 25/10/2006 13:43:51 I 0376 2216 External DB [NTAuthenDLL.dll]: Starting MSCHAP authentication for user [XXXX\yyyyyyyy]
AUTH 25/10/2006 13:43:51 I 0376 2216 External DB [NTAuthenDLL.dll]: Attempting Windows authentication for user yyyyyyyy
AUTH 25/10/2006 13:43:51 I 0376 2216 External DB [NTAuthenDLL.dll]: Windows authentication SUCCESSFUL (by DCXXX)
AUTH 25/10/2006 13:43:51 I 0376 2216 External DB [NTAuthenDLL.dll]: User mapped to ACS group id [1]
AUTH 25/10/2006 13:43:51 I 0376 2216 External DB [NTAuthenDLL.dll]: Group 1 is forced to pass Machine Authentication
AUTH 25/10/2006 13:43:51 I 0376 2216 External DB [NTAuthenDLL.dll]: Force machine AUTH mapping to group [-1]
AUTH 25/10/2006 13:43:51 I 0376 2216 External DB [NTAuthenDLL.dll]: User is mapped to a disabled ACS group
AUTH 25/10/2006 13:43:51 I 5081 2216 Done RQ1027, client 50, status -2046
AUTH 25/10/2006 13:43:51 I 5094 2216 Worker 5 processing message 18.
AUTH 25/10/2006 13:43:51 I 5081 2216 Start RQ1027, client 50 (127.0.0.1)
AUTH 25/10/2006 13:43:51 I 0897 2216 AuthenProcessResponse: process response for 'XXXX\yyyyyyyy'
AUTH 25/10/2006 13:43:51 I 0361 2216 EAP: PEAP: Second phase: 26 authentication FAILED
background:
the acs default group is disabled and group 1 (named wlan) is mapped to active directory.