Security

Reply
Contributor II
Posts: 51
Registered: ‎04-13-2009

Error Code:216, Authentication Failure

I am an Aruba partner and I have a 3-year evaluation copy of CPPM.  I had to rebuild my VM and reinstall my CP server, because my old server crashed during a power outage.  I got the guest captive portal working, but I am having some difficulty with the Employee authentication piece.  I have configured the authentication source (my internal AD server) and I can browse the base DN from within the Authentication Sources->Primary tab on CPPM, which I assume confirmsthat CPPM can talk to and browse my AD server and that the bind DN information is correct.

 

I have tried deleting and reconfiguring the service and deleting and reconfiguring the authentication source to no avail.  I am not sure where, or why my connection choses the correct service and then says there is no authentication source.

 

i have attached some screen shots for reference.

 

Any suggestions would be greatly appreciated.

 

Regards,

Regards,
DAK
Guru Elite
Posts: 21,269
Registered: ‎03-29-2007

Re: Error Code:216, Authentication Failure

It looks like you did this already, but did you add the CPPM server to the domain?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor II
Posts: 51
Registered: ‎04-13-2009

Re: Error Code:216, Authentication Failure

Yes, the ClearPass server is joined to the domain.  I modified the service slightly to allow me to run the AAA Test Server routine from the controller and that also failed.  Then I tried mapping a network drive on my AD server from my laptop and that also failed.  Although, I did try authenticating via ClearPass using somebody elses credentials and that had also failed.

 

At this point, I'm not sure if the problem is with my CP server, or my AD server. 

 

Regards,

Regards,
DAK
MVP
Posts: 4,301
Registered: ‎07-20-2011

Re: Error Code:216, Authentication Failure

 

Like cjoseph mentioned look in here to make sure the server has been added to the Domain :

 

2014-03-26 12_35_02-CPPM_6_3_snmp_support_tech_ note.pdf.png

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Guru Elite
Posts: 21,269
Registered: ‎03-29-2007

Re: Error Code:216, Authentication Failure

So, it looks like your LDAP server is not even finding that user in your LDAP tree.  Does the user even exist?  Can you browse to that user using your LDAP?  Is your base-DN high enough in the tree?

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

vld
New Contributor
Posts: 1
Registered: ‎12-08-2011

Re: Error Code:216, Authentication Failure

Hi,

I had the same issue after restoring a backup. LDAP is working, and I was able to browse the AD tree within the Auth Source, but auth failed...

The solution was to have CPPM join the AD. It seems like CPPM does not restore the domain membership when restoring a backup.

"Administration -> Server Manager -> Join AD"
Contributor II
Posts: 51
Registered: ‎04-13-2009

Re: Error Code:216, Authentication Failure

Thank you, VLD.  I did leave and rejoin the domain once already, and the CP server says that it is part of the domain.  When I look at the Access Tracker log, it looks like the user connection is using the correct Service, but no authentication source is being selected.

 

I have attached screen shots of the Access Tracker Summary page and the Server Configuration page.

 

Regards,

Regards,
DAK
Search Airheads
Showing results for 
Search instead for 
Did you mean: