03-10-2017 04:14 AM
As my instant deployment grows I am having users experience issues with roaming and or 802.1x auth. The user initially authenticates however they may have issues staying authenticated. I see many logs in Airwave. It looks like when a client roams and attemepts to reauth the server may time out and a subsequent reuquest uses host/mymachinename.my.domain.net instead of domain-name\joesmith. It appears this may happen after multiple timeouts however I cannot say that 100%. Any ideas why clients may randomly attemot to authenticate with machine rather than their AD credentials?
Example of log output
Client authentication failed for 00:3A:DE:93:AB:00 host/jsmithmachinename.my.domain.net
Authentication server request timed out for allentownradius my-domain\jsmith
03-10-2017 04:41 AM
That looks like machine authentication. Are you currently supporting (allowing) successful machine authentication in your radius server? Typically machine authentication only occurs when the Windows machine is at the ctrl-alt-delete prompt.
The roaming issue might be something separate...
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
03-10-2017 05:19 AM
Thanks Colin. That's what is odd about this. We do not support machine auth at the radius server and the machines are logged in and connected when the random machine auth attempts occur. Many times I will see this after a few valid domain/user authentication request timed out messages. It seems like occasionaly something triggers a machina auth attempt. You are correct this may be separate form the roaming issues as I have now seen this as well in the logs of my controller environment and different Instant clusters however I am not receiving complaints from those locations.