RADIUS configuration

[disturbedone]

I am new to RADIUS and have, what I thought would be, a relatively simple configuration but cannot get it to work. I suspect I know what the issue is but would like some thoughts from others.

* W2K3 domain with 2 DCs
* W2K8R2 server for NPS/RADIUS
* Followed

http://www.windowsnetworking.com/ar...Authentication-Windows-Server-2008-Part1.html

on how to setup RADIUS but get very vague, unhelpful errors in Event log and XPSP3 laptops will not authenticate

I suspect the issue is that the W2K8R2 server is not a DC. Does it need to be a DC for authentication? If so then it's not going to work until we move to a 2K8 domain a 6mths. If not then any other suggestions?

 

[disturbedone]

This has been resolved. Although with all the things I was doing (removing NPS & CA roles, then adding them) I'm not 100% sure of what resolved it but I'm pretty sure it was the RADIUS secret. W2K8R2 RADIUS can generate a secret itself which was a 64 character alphanumeric (incl special characters) and it warns that some RADIUS clients may not like long secrets. The WiFi controller (the RADIUS client) allowed me to enter this and gave no warning. I changed the secret simply to "test" and it worked. The original secret only included a single "!" as a special character so I changed this to an "a" and entered the full 64 characters and it also worked so the length isn't the problem but the special character is (assuming nothing else I did was the cause).