Hi,
Are you using EAP-MSCHAPv2 protocol to authenticate the users, it looks you are using AD as authentication source, did you join clearpass to ad domain. Could you check below stesp
1) Test if the Join to the domain is successful. This can be tested using the command :
ad testjoin <domain NETBIOS name>
For example :
[appadmin@AB-CP-Pub-6_3]# ad testjoin AB
Join is OK
The above test fails if there are any communication issues between the AD and the Clearpass.
If the above fails, a quick solution would be to leave Clearpass from the domain and rejoin it.
2) Test if users can successfully perform MSCHAPv2 auth from the CLI using the command :
ad auth -u <username> -n <domain NETBIOS name>
For example :
[appadmin@AB-CP-Pub-6_3]# ad auth -u Aruba -n AB
password:
ERROR - NT_STATUS_NO_SUCH_USER: No such user (0xc0000064)
[appadmin@AB-CP-Pub-6_3]# ad auth -u ca -n AB
password:
ERROR - NT_STATUS_WRONG_PASSWORD: Wrong Password (0xc000006a)
[appadmin@AB-CP-Pub-6_3]# ad auth -u ca -n AB
password:
INFO - NT_STATUS_OK: Success (0x0)
Regards,
Pavan
If my post addressess your query give kudos:)