I am trying to create a simple TLS connection between a client and server.
Both NPS and active directory are there in the same server.
"Register server in Active directory" option is greyed out on the NPS server.Due to which the TLS connection is failing.
In the active dir>RAS and IAS server>member the NPS server is not present.
Also the command "netsh nps add registered server" gives the output "The server is not operational"
The TLS connection is failing with the ID : 6273:
Network Policy Server denied access to a user.
Contact the Network Policy Server administrator for more information.
Security ID: S-1-5-21-2918599220-1559750031-3582700202-1109
Account Name: firstname.lastname@example.org
Account Domain: TEST
Fully Qualified Account Name: TEST\peap
Security ID: S-1-0-0
Account Name: -
Fully Qualified Account Name: -
Called Station Identifier: D0-37-45-B9-2B-AF:NISH-TLS
Calling Station Identifier: C8-2B-96-B8-87-70
NAS IPv4 Address: -
NAS IPv6 Address: -
NAS Identifier: -
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: -
Client Friendly Name: esp_rpi-5
Client IP Address: 10.0.1.18
Connection Request Policy Name: NISH_TLS
Network Policy Name: NISH-TLS
Authentication Provider: Windows
Authentication Server: WIN-TSO77NCTEQ0.test.espressif.com
Authentication Type: EAP
EAP Type: Microsoft: Smart Card or other certificate
Account Session Identifier: 44423835314135444337364545434532
Logging Results: Accounting information was written to the local log file.
Reason Code: 16
Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.
But the PEAP connection is successful with "validate server" option is switched off on the client.
I have exported the Certs generated on the windows server and have used them on freeradius and the connection is successful. Hence looks like the certs are fine.
How to register the NPS server to the Active directory?