Hi all,
what do we have:
Windows 2016 Domiancontroller with NPS
about 180 Accesspoints
Firmware - 6.42.6
Software - 6.42.6
after I've figured how to login with SSH to our Mikrotik Routers with AD and NPS (Windows2016) I got a strange issue.
I am able to login via SSH against our AD and NPS but the NPS writes every time:
Network Policy Server denied access to a user.
Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.
Authentication Type: PAP
I've set my AD account to: Store password using reversible encryption and recreated my password.
My connection Request Policy:
Authentication Type - Unencrypted authentication (PAP, SPAP)
Condition: Username - xxxxx
Network Policy:
Settings/Radius Attributes/Standard/Service-Type - Framed
I've tried different settings but nothing helps to get the NPS authenticate the user (only if i set the Authentication on the Connection request Policy to "Accept users without validating credetials")
The same setup works without problems if I login e.g. via WEB and using MS-CHAP.
We use SSH for monitoring things in our ICINGA2 monitoring system and it is quite bad if the useraccount gets always blocked because the NPS means, the user is not authenticated.
Any hints about it?
Kind regards,
Peer-Mario