Computers there is member of our domain Gymund.dk (se picture below) have no problem. Our student computers which is not member of any domain is logging fine with there AD username and password.
But if we got a student which have a computer which is member of another domain, they can't login with there AD account.
It is possible to get this computer on our Wireless Network, but it is not easy.
We are using MS Radius server. We think it has something to do with the configuration below
You would be better to send everything on to NPS directly for many reasons.
If you have a RADIUS client limit in the edition of Windows Server that you are using, you should consider upgrading to an edition that does not have this.
(Server 2012 Standard edition and later does not have a limit...)
My second question is: Have you verified what that the Access-Request packets are getting through to the expected EAP-terminating RADIUS server? If those Access-Request packets are getting through as expected, this cannot have anything to do with HiveOS.
At that point, the concern can only be with the place of EAP termination. Whatever is carrying out that function that has to handle talking to other domains to auth as necessary.
All the RADIUS proxy configuration is doing is routing things, optionally stripping the realm if desired.
Problem is only with computers which is member of another domain. On the Radius server we can see that those computer is rejected. Our radius server will not allow a computer which is member of another domain. This is a known problem with windows 2008 server. We will try with server 2012 and radus to see if this works. But we are busy at the moment (1500 new students)
Have you tried using the RADIUS Test and Client Monitor to troubleshoot? They are very helpful in troubleshooting.