NPS Access denied Reason Code 65

-

hi,

we have nps server configured running on server 2008 r2. our existing windows 7 clients working without issues. started putting windows 10 , started seeing when user tries rdp device, gets disconnected. looking under nps event logs, found event id 6273. says following

network policy server denied access user.

contact network policy server administrator more information.

user:
security id: domainname\devicename$
account name: host/hostname fqdn
account domain: domain name
fully qualified account name: domain/computers/windows 10/hostname
client machine:
security id: null sid
account name: -
fully qualified account name: -
os-version: -
called station identifier: 18-8b-9d-f4-d6-b0:bpaccess
calling station identifier: f0-d5-bf-aa-4d-99

nas:
nas ipv4 address: xxx.xxx.xxx.xxx
nas ipv6 address: -
nas identifier: cisco_9b:7a:e4
nas port-type: wireless - ieee 802.11
nas port: 1

radius client:
client friendly name: wireless-lan-controller-1
client ip address: xx.xx.xx.xx

authentication details:
connection request policy name: secure wireless connections
network policy name: connections other access servers
authentication provider: windows
authentication server: server name
authentication type: eap
eap type: -
account session identifier: 35383534306265312f66303a64353a62663a61613a34643a39392f333137323538
logging results: accounting information written local log file.
reason code: 65
reason:

the network access permission setting in dial-in properties of user account in active directory set deny access user. change network access permission setting either allow access or control access through nps network policy, obtain properties of user account in active directory users , computers, click dial-in tab, , change network access permission.

even though wifi profile through gpo configured peap authentication type, logs shows eap. 

can please me

regards,v

hi,

>>network policy name:
connections other access servers

reason code 65 means network policy not grant access authentication requests.

please check 'connections other access servers' policy,is policy using aunthenticate?if not,please disable , test again.

best regards,
cartman
please remember mark replies answers if , unmark them if provide no help.
if have feedback technet subscriber support, contact tnmff@microsoft.com.



Windows Server  >  Network Access Protection



Comments

Post a Comment

Popular posts from this blog

Error: 0x800f080c - Feature name NetFX3 is unknown

-
i trying install .net framework 3.5 on windows server 2012 standard using command below: ps c:\users\administrator> dism.exe /online /enable-feature /featurename:netfx3 /source:f:\sources deployment image servicing , management tool result: version: 6.2.9200.16384 image version: 6.2.9200.16384 error: 0x800f080c feature name netfx3 unknown. a windows feature name not recognized. use /get-features option find name of feature in image , try command again. the dism log file can found @ c:\windows\logs\dism\dism.log option install .net framework not appear in server manager. how can .net framework 3.5 install? seems impossible install .net framework 3.5 have tried suggested solutions dism /online /cleanup-image /restorehealth, without success.  have run get-windowsfeature , .net framework 3.5 not appear: display name                                ...
Read more

server manager error: ADAM.events.xml could not be enumerated.

-
firewall off isnt it. rerun ldap wizard:?  why?  will screw exchange server running on machine?  ldap wizard asks questions don't understand. please dont send generic links to: http://social.technet.microsoft.com/wiki/contents/articles/13444.windows-server-2012-server-manager-troubleshooting-guide-part-ii-troubleshoot-manageability-status-errors-in-server-manager.aspx thanks, john hi john, >> ok. server manager app. these questions refer this. nothing else 2.  do need create app dir or not?  this server manager, shouldnt done? (why did break in first place?) how check if app dir exists server manager or not. 3.  if "lightweight" implementation of anything, sure hate see "heavyweight" version. the waring events can't enumerated. , cause not completing configuration of ad lds. ad lds not related server manager. used provide flexible support directory-enabled applications. if not implementing such application...
Read more