Forum Discussion
PaulvDam
Oct 08, 2021Copper Contributor
Windows 11 clients cannot authenticate to NPS server using computer authentication
We have a Windows server 2019 datacenter server running NPS. Our WiFi Office clients authenticate to this server for access to the corporate WiFi network. We use computer authentication, so members o...
- Oct 18, 2021Had this with 802.1x and AlwaysOn VPN. Maybe it's the same for your Wifi profile,. The reason is documented here https://directaccess.richardhicks.com/2021/09/23/always-on-vpn-error-853-on-windows-11/
Nick_A
Iron Contributor
For our environment it was due to credential guard. This will break anything using PEAP w/MS-CHAPv2, including machine authentication. It's also extremely tricky to debug because this requires Windows Enterprise version and since we are using E3 licenses (included in there is the OS Enterprise license) this problem only surfaces eventually when the OS is upgraded to enterprise in the background (enabled by default with Enterprise, does not get enabled with only Pro).
Fix: Group Policy->Administrative Templates->System->Device Guard->Turn On Virtualization Based Security (set to DISABLED).