Security

Reply
Trusted Contributor I

ClearPass can't join domain

trying to have ClearPass join an AD domain, via GUI and CLI, getting the output below. anyone experienced this issue before?

 

Adding host to AD domain...
INFO - Fetched the NETBIOS name 'TEST'
Stopping cpass-domain-server: [ OK ]
Starting cpass-domain-server: [ OK ]
Enter aruba's password:
Failed to join domain: failed to lookup DC info for domain 'TEST.LOC' over rpc:
Logon failure
INFO - Restoring smb configuration
INFO - Restoring krb5 configuration file
Stopping cpass-domain-server: [ OK ]
Starting cpass-domain-server: [ OK ]
ERROR - clearpasstest.test.loc failed to join the domain TEST.LOC
Join domain failed

is there a checklist for what the AD version must be and such?

Guru Elite

Re: ClearPass can't join domain


boneyard wrote:

trying to have ClearPass join an AD domain, via GUI and CLI, getting the output below. anyone experienced this issue before?

 

Adding host to AD domain...
INFO - Fetched the NETBIOS name 'TEST'
Stopping cpass-domain-server: [ OK ]
Starting cpass-domain-server: [ OK ]
Enter aruba's password:
Failed to join domain: failed to lookup DC info for domain 'TEST.LOC' over rpc:
Logon failure
INFO - Restoring smb configuration
INFO - Restoring krb5 configuration file
Stopping cpass-domain-server: [ OK ]
Starting cpass-domain-server: [ OK ]
ERROR - clearpasstest.test.loc failed to join the domain TEST.LOC
Join domain failed

is there a checklist for what the AD version must be and such?

Make

Make sure that the ip address of the DNS server for the clearpass box is one of the DNS servers in AD.  DNS must be able to resolve the FQDN to join the domain.

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Trusted Contributor I

Re: ClearPass can't join domain

that is the case, DNS is running on the AD server (windows 2003) and that is also set as DNS server on the clearpass.

Guru Elite

Re: ClearPass can't join domain

Sorry,

 

I did not see the big "logon failure".  What did you put for the username and password?

 

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Trusted Contributor I

Re: ClearPass can't join domain

tried with the default administrator account and used the checkbox to enter a self created admin account.

 

 

Trusted Contributor I

Re: ClearPass can't join domain

went on trying some more, another DC (win 2008) and some more testing. eventually it worked, but unsure what exactly did the trick. once I have some time I might try it again from scratch.

Guru Elite

Re: ClearPass can't join domain

Interesting.  The only ways I got it to fail with that message is wrong username and password...

 

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Trusted Contributor I

Re: ClearPass can't join domain

that is always possible, i usually try a couple of times to be sure i get it right at least once :smileyvery-happy: perhaps i missed it.

Guru Elite

Re: ClearPass can't join domain

Do you have any special characters in your password?

 

******************
Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
******************
Guru Elite

Re: ClearPass can't join domain

Looks like you are entering the fully qualified username (username@domain.tld). Can you try just the username?

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: