We came across an interesting issue today after installing the August 2017 Windows updates on the servers in our test environment. After patching and rebooting our NPS server that we use for RADIUS authentication, we found that our test clients could no longer connect to our test wireless network.
We were seeing the following error in the NPS event log:
“Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.”
We can confirm that Microsoft has provided a workaround to this issue which is to create a DWORD in the registry to disable a client certificate check. This can be implemented by opening regedit.exe on your NPS server and going to the following location:
In the above key create a DWORD called DisableEndEntityClientCertCheck and set the value of it to 0 and restart your NPS server.
Once we had done that we checked our test clients and they were able to connect to the test wireless network again! We confirmed that in the NPS event log:
You can find more information about this update for the different Windows Server operating systems below:
Hope that helps!