Multidomain authentication by 2 NPS servers with pfSense CP.
pszafer last edited by
I don't know if this is stricty connected with CaptivePortal, but I think that only this community can help me now, as you never dissapointed me :).
We have 2 domains: A and B. Users from both domains should be able to login in CP.
So CP is configured to authenticate to NPS in A domain.
In A domain I have 'Connection request policy' -> 'B(.*)' -> redirect to NPS in B domain.
And requests are redirected, but when username is somehow changed in 'Connection request policy' NPS in B can't find user e.g. 'B\testB'.
When I redirect all requests to B NPS without changing anything in user-name attribute user is authenticated.
I suspect that it could be:
A. my config bug
B. NPS bug
C. something wrong with MSCHAP2 after changing user-name attribute.
Here is my topic at MS Technet: https://social.technet.microsoft.com/Forums/windowsserver/en-US/853138a2-be3f-4841-b946-53d26cc22f2d/nps-reject-user-if-domainusername-provided
but it is not helpful so far…
Thanks in advance for any help.