Forum Discussion
JJeffery
Jul 31, 2024Brass Contributor
(Another) Issue with RADIUS authentication for some users
Hi
I thought I'd found the solution to our problem in this Tech Community thread from 2021, only to find that there was only one reply.
Our NPS logs looks very very similar to those described in that 'DenverCoder' post, here's a screenshot to illustrate (the working one is in green, and shows the full AD path to the user account in AD, and the Network Policy name):
We use NPS servers as part of the solution to provide MFA for our staff VPN. It works perfectly for about 127 out of 130 staff. but three of them don't even get an MFA prompt.
Just now I thought I'd found a 4th victim, as she'd tried about 20 times today, only to succeed about an hour ago (not sure what inspired her to try again)
Looking at the Event View on the NPS shows events 6273 (“Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.”) and 4625 (“Failure Reason: Unknown user name or bad password.”)
To me it looks like it's failing to recognise the user's group membership (you have to be in the AD group for the MFA to work, otherwise you ain't coming in bruv!)
All suggestions gratefully received.
- Yes, for my few users the solution was to not use for example an "ä" in their password.
- Tobias_PichlerCopper Contributor
- JJefferyBrass ContributorNo, no fix.
- Tobias_PichlerCopper Contributor
For everyone else running into this problem. Check for special characters in the passwords..
- JJefferyBrass ContributorAre you suggesting this is the solution?