In your allow policy I added the group "Domain Computers" to the list and then machine auth worked. I had tried just a separate group that I put machine accounts as members, but I couldn't ever get it to work. This has worked for me for Aruba, HP and Cisco.
-----Original Message----- From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:wireless-...@listserv.educause.edu] On Behalf Of Jason Appah Sent: Thursday, October 14, 2010 4:11 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] Machine Authentication and IAS 2008 We are a complete Aruba shop, and I'll confess I haven't actually ticketed this with Aruba, but... Has anyone else been able to make machine auth work with IAS as the Radius? Each time the authentication comes across as bad username/password on the machine account. We had an IDengines ignition server that worked flawlessly but has now died. IAS was the replacement and machine auth hasn't worked since. So, has anyone else experienced this? Jason Appah Security/Systems Administrator Oregon Institute of Technology Oregon's only Technical Institute. Office 541-885-1719 Fax 541-885-1919 Email jason.ap...@oit.edu ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.