You are currently offline, waiting for your internet to reconnect

Authentication may fail, or you may receive an 807 error or a 691 error, when you try to connect to the Network Policy Server on a Windows Server 2008-based server

SYMPTOMS
On a Windows-based client computer, you use a Connection Manager (CM) profile together with Network Access Protection (NAP). When you try to connect to the Network Policy Server (NPS) on a Windows Server 2008-based server, the following authentications may fail:
  • Protected Extensible Authentication Protocol (PEAP)
  • Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2)
The PEAP and the MS-CHAPv2 authentications may fail the first time or on reauthentication. Additionally, you may receive an 807 error or a 691 error.

This issue occurs if the client computer does not provide a domain membership attribution for the user account.
CAUSE
This issue occurs because the Windows Server 2008-based server cannot verify the client computer's user account.
WORKAROUND
To work around this issue, enter the domain name and the user name when you perform the PEAP and the MS-CHAP v2 authentications.

Consider a scenario in which the user name is "Someone" and the domain name is "Adatum.com." In this scenario, you must enter the following item in the User name box when you perform the PEAP and the MS-CHAP v2 authentications:
Adatum\Someone
MORE INFORMATION
For more information about Network Access Protection (NAP) for Windows Server 2008, visit the following Microsoft Web site:
Properties

Article ID: 943070 - Last Review: 11/12/2007 19:46:00 - Revision: 1.3

  • Windows Server 2008 Datacenter
  • Windows Server 2008 Enterprise
  • Windows Server 2008 for Itanium-Based Systems
  • Windows Server 2008 Standard
  • kbtshoot kbprb kbexpertiseadvanced KB943070
Feedback