Justworks | Office 365 - Exchange - SharePoint - Hyper-V - Azure

View Original

EAP! Event logs are full of DLL path validation errors

Once again, Tier 1 PC vendors are failing to send out products with proper drivers and clean, smoothly operating OS builds.  

It's shocking that in this era of Ultrabooks and tablets - all aimed at a premium market and with premium prices to match - vendors still send out systems littered with terrible bloatware, outdated drivers, and long lists of outstanding OS updates waiting.  Often even the OS is full version-behind or more behind current.

We're particularly looking at you Dell!

The latest cases we're seeing are from current Dell and Lenovo systems with Haswell ("4th Generation Intel Core") chipsets and Intel WiFi onboard.  On these systems, the System Event Logs are littered with entries similar to this:

The description for Event ID 2002 from source Microsoft-Windows-EapHost cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event: 
Eap method DLL path
25
9
0
0
The handle is invalid

As is also often the case the Corporate tech support sites were of no use, and the available driver updates from the vendor did nothing to clear the events or resolve the root cause.

Our own investigation found the issue appears to be some Cisco-specific EAP registry keys are being added, without proper driver or backing software.

The solution? Fire up our old friend RegEdit and look under the following registry path:

HKLM\System\CurentControlSet\Services\Eaphost\Methods\311

There will be several entries referencing paths for Cisco drivers or DLLs that don't exist. Remove any of these type of keys.

No reboot is necessary, and the errors go away immediately.

We've also found this resolves some Cisco and other third-party IPSec VPN issues as well.