Security

Reply
Occasional Contributor II

CPPM - How to determine DC used for authentication event

Hello,

How can I determine what domain controller is used for a PEAP-MSCHAPv2 authentication event.  I do not have password servers specified.

 

The problem I have is one CPPM appliance in my cluster is returning:  MSCHAP: AD status:Access denied (0xc0000022) for all authentication events during certain periods of time over the past week (and now all the time).  I am trying to determine if the problem is with a particular domain controller.  Eight other appliances in cluster are not showing this issue.

 

Thank you,

David Johnson

Aruba Employee

Re: CPPM - How to determine DC used for authentication event

Login to CLI with appadmin credentials and execute 'show domain'. It will display the domain controller that was used to join the ClearPass to the domain. That will be first preferred server for authentication.

 

If you have defined any password servers, the first in password server list, will be the second preferred server for authentication and so on.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: