Contributor II

Error Joining Clearpass to AD

Hi there.

I'm getting an error when I try to join Clearpass to AD.

Scenario:

Clearpass hostname: cppm_enp

IP address: 10.5.0.4

Active directory IP: 10.5.0.10

Domain Controller name (FQDN): PocociAD.seguridadpublica.go.cr, as you can see in the following capture: Join AD 3.png

If I go to the command line and enter nslookup, I get this: Join AD 4.png

Also I have created a new entry on the DNS service for the clearpass server.

Both servers (Clearpass and AD) can ping each other.

Then I go to Administration -> Server Manager -> Server configuration, then to the Join AD domain option, and fill in the fields as you can see in the following capture: AD Join.PNG

As you can see, the NetBios field obtains its value automatically after I write the complete Domain Controller name. Then I write the password and click Save, and the process starts. Then it shows the following error: AD Join 2.PNG

Just to clarify, the time on both servers is synchronized.

Thank you in advance!

Guru Elite

Re: Error Joining Clearpass to AD

Is there a firewall between ClearPass and the domain controllers? Are the required ports allowed between them?


Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480

Re: Error Joining Clearpass to AD

Have you tried doing an nslookup from the ClearPass CLI?

Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Contributor II

Re: Error Joining Clearpass to AD

Hi Victor, yes, I have tried, look: Join AD 5.PNG

Contributor II

Re: Error Joining Clearpass to AD

Hi Tim, I have created a new rule on Windows Firewall allowing port TCP/UDP 389 and nothing happened.

Guru Elite

Re: Error Joining Clearpass to AD

Contributor II

Re: Error Joining Clearpass to AD

Thank you Tim, I think it was necessary to disable and enable the firewall again to "apply changes". Now it's joined.

Thanks to Victor too.
