Simple Certificate Selection Option
Hello All,
We are testing a new Windows NPS setup. We are using Certificate Auth for company owned computers. All domain joined PCs are receiving a certificate from our internal CA server via a GPO.
I'm testing using 2 laptops *(one Lenovo T480 and one T480s). The issue I seem to be running into while testing is that one of the laptops won't connect to the Wired network if "Use Simple Certificate Selection" is enabled and the other won't connect if it is NOT enabled... 🙄
I've noticed on the NPS server's log file and in Event Viewer, that when either laptop fails authentication it's sending the computer's MAC Address as the user-name. But, when I switch up the "Use Simple Certificate Selection" setting and the laptop(s) successfully connect, it's sending the Computer's name/hostname as the user-name.
Both laptops are running Windows 10 with latest updates. The network adapter settings are being pushed via a GPO. And, we are using Cisco networking gear, switches, WLC and APs.
Any idea why this would be happening? I've tried un-joining and rejoining the laptops to the domain. But, the outcome is the same. I've also tried renewing their certs and no change.
Oddly, BOTH laptops connect to the 802.1x Wi-Fi I have setup when I have Use Simple Certificate Selection enabled. So Wi-FI doesn't appear to be an issue... I'd hate to have to have 2 GPOs, one where Simple Selection is enabled and another where's it's disabled.
Any help would be greatly appreciated!
Thanks in Advance,
Matt