Windows 10 in domain connects but fails to manually reconnect
Nick Howitt
nick at howitts.co.uk
Wed May 9 20:35:25 CEST 2018
On 09/05/2018 19:03, Alan Buxey wrote:
> without further details I'd say you checked the 'do not prompt' for
> certificate..so it was connected but wont reconnect because its not
> happy about the CA or RADIUS cert.
> just ensure you've imported the CA used for the RADIUS server into the
> correct root authority store so that the client is happy with the
> server cert.
> you really SHOULD have all those things (CommonName filled and CA
> selected etc) - if doing a windows domain this is VERY easy with a GPO
> that can be just pushed to
> all Windows clients in the domain.
>
> alan
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Yes, I have unchecked "Verify server's identity by validating the
certificate" so I would have expected Windows not to worry that it was
signed by Radius's own CA. I have configured CN and SubjectAltName to be
the same resolvable FQDN, and the correct M$ extensions. I can't do GPO
as this is an old style NT domain in Samba, but I'll give importing the
CA a go just in case. I'm still confused why it would accept a
certificate first time round but not subsequently but I know Windows
does have idiosyncrasies.
FWIW the domain is a test server at home with one PC connected to it .
Nick
More information about the Freeradius-Users
mailing list