MS NPS not working

Hi Syavash
There are a couple of things to check when configuring Microsoft NPS to authenticate Arista devices:

If you want to use Active Directory as a user database:
1)The user should have network permissions on Active Directory:
AD Users and Computers/User Properties/Dial-in/Allow Access
2)When using CHAP authentication, Password encryption must be activated:
AD Users and Computers/User Properties/Account/Account Options/Store password using reversible encryption
3)NPS must be registered in AD:
NPS/right click on NPS(Local)/Register Server in Active Directory

Create a New Radius Client (right click on Radius Client/New) with particular attention to the Friendly Name (Used later on policy conditions) and the Shared Secret (configured on the Arista device)

Policies
While creating the NPS Policies (Right click on Network Policies/New) make sure you select the right conditions, i.e:
Select the user group on Windows Groups.
Type the Client Friendly Name as configured before.
On Constraints panel, select protocols (i.e. CHAP,PAP/SPAP)
Standard Radius Attributes, Service Type= NAS Prompt
On Settings panel/Add/Vendor:Custom/Vendor Specific/Add/Enter Vendor Code:30065 and click “Yes it conforms”
Click on Configure Attributes/Attribute format:String Attribute Value:shell:cvp-roles=network-admin (that’s for CVP)

I hope this will help you. In case you are still having issues, please contact support@arista.com
Regards

This works with one addition on Windows Server 2016 Network Policy Services, CVP version 2017.2.0

* make sure to set Authentication and Authorization settings on CVP portal to RADIUS