AD ACCOUNT LOCKED OUT WHILE TRYING TO ACCESS CISCO WIFI
Last Post: November 11, 2009:
User's account locked out everytime he tried to access wifi on Windodws XP, sp3. Here are the settings:
User has to be in AD security group
Network Authentication: WPA2
Data encryption: AES
EAP Type: PEAP
Check on Authentication as computer when computer info is available.
PEAP properties: Uncheck Validate server certificate
Authentication method: Secured password (EAP-MSCHAP v2)
I have user logged on to a different laptop and it happens the same.
I read other posts and they said it has to do with Radius server or AP. Any other ideas?
Have you checked the event logs on your domain controller? If you have please ignore my suggestions as you have already thought of this. Otherwise, look under Event logs then security and sort by username column and you should find the user. See if the account is trying to authenticate from other computers, if so you have your culprit. This really AD 101 stuff but sometimes going back to basics helps.