09-29-2016 07:30 AM - edited 09-29-2016 07:33 AM
How can I determine what domain controller is used for a PEAP-MSCHAPv2 authentication event. I do not have password servers specified.
The problem I have is one CPPM appliance in my cluster is returning: MSCHAP: AD status:Access denied (0xc0000022) for all authentication events during certain periods of time over the past week (and now all the time). I am trying to determine if the problem is with a particular domain controller. Eight other appliances in cluster are not showing this issue.
10-05-2016 12:14 PM
Login to CLI with appadmin credentials and execute 'show domain'. It will display the domain controller that was used to join the ClearPass to the domain. That will be first preferred server for authentication.
If you have defined any password servers, the first in password server list, will be the second preferred server for authentication and so on.