During review of our 802.1x architecture we found reference to the "Active Directory" type of ClearPass authentication source as using NTLMv2. One of our requirements was to enable Kerberos instead of NTLMv2.
I've set up Kerberos as an authentication source, but it does not appear to be able to authenticate a user using a test TACACS+ type service policy. I'm seeing the following error
I'm unsure what the above means. Does it mean that I've incorrectly configured my Kerberos authentication source, or that it is configured correctly but the AD servers I specified are not responding correctly?