This week after allowing the distribution of some updates (CA root updates, Malware) to my DC Servers, my Wireelss Controller (Ruckus) stoped working. None of the machines are authenticating via EAP/802.1X (it was ok in the last 8 weeks) My RADIUS configurations was not changed in any way DCs Win2008R2EnglishStandard + NPS/RADIUS+DNS+WINS User PCs: XP, 7 In my Win8Pro, i have the following errors: WLAN AutoConfig service failed to connect to a wireless network. Network Adapter: Broadcom 802.11n Network Adapter Interface GUID: {6020b72d-1d7d-4b49-b4e8-0f7a96486895} Connection Mode: Manual connection with a profile Profile Name: DOMAINNAME_NG SSID: DOMAINNAME_NG BSS Type: Infrastructure Failure Reason:The specific network is not available. RSSI: -35 Wireless security failed. Network Adapter: Broadcom 802.11n Network Adapter Interface GUID: {6020b72d-1d7d-4b49-b4e8-0f7a96486895} Local MAC Address: E0:06:E6:9A:9A:6C Network SSID: DOMAINNAME_NG BSS Type: Infrastructure Peer MAC Address: C4:01:7C:2B:8C:18 Reason: Explicit Eap failure received Error: 0x57 Wireless 802.1x authentication failed. Network Adapter: Broadcom 802.11n Network Adapter Interface GUID: {6020b72d-1d7d-4b49-b4e8-0f7a96486895} Local MAC Address: E0:06:E6:9A:9A:6C Network SSID: DOMAINNAME_NG BSS Type: Infrastructure Peer MAC Address: C4:01:7C:2B:8C:18 Identity: DOMAIN\USER_NAME User: USER_NAME Domain: DOMAIN Reason: Explicit Eap failure received Error: 0x57 EAP Reason: 0x57 EAP Root cause String: The parameter is incorrect. EAP Error: 0x57

I deleted 10 root certificates on personal em computer stores and restarted NPS Service and the problem didnt go away. Do you think i need to reboot the DCs? (DCs are NPSs)

I noticed an article related to your problem but it doesnt apply to me (http://support.microsoft.com/kb/933430/en-us) beucase the articles is related to Win2003.

I tried the reg key in the article http://support.microsoft.com/kb/933430/en-us and it worked for me only restarting the NPS Service before the test Now my Win8 client shows: WLAN AutoConfig service started a connection to a wireless network. Wireless network association started. Encryption: TKIP 802.1X Enabled: Yes Wireless network association succeeded. Management Frame Protection Enabled: 0x300000000 Wireless security started. FIPS Mode: Disabled 802.1x Enabled: Yes Wireless 802.1x authentication started. Eap Information: Type 25, Vendor ID 0, Vendor Type 0, Author ID 0 Wireless 802.1x authentication succeeded. Wireless security succeeded. Wireless security stopped. Security Hint: The operation was successful.

I went to this article to find the necessary root certificates for the Windows 2008R2 operating system (http://support.microsoft.com/?id=293781). I deleted all the root certificates that were not used by my system or business on the authentication server for the NPS service. Not necessary to do this on the client workstations. I did not reboot the servers.

I liked the apporach of deleting certificates, but they tend to occur again in the future, dont you think? Im afraind of falling in the same problem again and again, only "pushing" the problem forward insted solving ina effective way. The GPO and RegKey approachs are worst in terms of security but theyre "long term" solution for low security environments. Noticed that the articles mentions WIn2003 but my problem is on WIn2008R2 and apparently MS ont solved the problem

I agree but I felt security was more important than convenience. The root certificate updates occur about 2-3x per year and now that I have seen the problem and worked around it, I can do it again. It is also very fast and does not require a reboot of the servers.