Policy Validator automatically examines your new and existing IAM access control policies to ensure that they comply with the IAM policy grammar.
We're deploying a wireless networking using Windows Server 2008 NAC as a RADIUS server.
When Windows XP or 7 clients connect they initally fail to connect.
In order to enable the client to connect we have to add the network manually and un-check the "Validate server certificate" as shown in the screenshot below.
Does anyone know of a way to avoid having to do this?
The error "Mail can't verify the identify of the server xxxxxx" often appears when working with the secure (SSL) settings for your mail client (where "xxxxxx" is the name of your server).
This tutorial will walk you through the steps needed to make sure that your secure settings will work and your self-signed certificate is saved on your computer so that you don't have to continually confirm the identity of your mail server.
Ideally they should then provide their network credentials at connection time and be seamlessly connected.
It appears that the Subject Alt Name entry of the certificate must be set to the DNS used to reach the radius server.
We are perfectly willing to buy a certificate from Verisign, Thwarte, etc if it will help but have tried our Comodo wildcard SSL certificate which hasn't fixed it.
These machines belong to the end users so we can't easily control settings with group policy or registry hacks.
If a policy fails validation, it cannot be saved until the error is corrected.