04-13-2016 04:34 PM
I have this issue that it´s happen in two different clients those have windows server 2012, I already did the process in this foro (http://community.arubanetworks.com/t5/AAA-NAC-Gues
Do you have any recommendation to fix this issue, thanks.
04-23-2016 03:07 AM
If you haven't already, you should contact TAC and let them know that the problem still exists...
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
04-24-2016 05:25 AM
This message indicates that there is something wrong with the domain join of your ClearPass.
I have seen windows administrators delete the computer account the ClearPass created (and requires to do MSCHAP authentication), so double check with your AD admins.
You can check as well:
- That ClearPass is configured to use the Active Directory DNS servers; that is needed to find the right domain controllers.
- That time is set correct on both ClearPass and the domain controllers; use the domain controllers as NTP server to make sure they run the same time source.
- That there are no firewall in between ClearPass and your domain controllers that might block the authentication traffic.
- You can check from the appadmin (console) account the AD and kerberos servers:
[firstname.lastname@example.org]# ad auth -u herman -n nl password: INFO - NT_STATUS_OK: Success (0x0)
[email@example.com]# krb auth firstname.lastname@example.org Using default cache: /tmp/krb5cc_0 Using principal: herman@NL.ARUBALAB.COM Password for herman@NL.ARUBALAB.COM: Authenticated to Kerberos v5
And work with TAC if these do not fix your issue...
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).