07-10-2015 01:48 PM
I have been testing using enforce machine auth vs disabling enforce machine auth. The login times vary from 30 seconds to 1 minute. Probably stupid question, but is this by design? On our wired network we just have comp auth. The wireless is using computer or user auth. When at the Ctrl+alt+delete screen, the computer does authenticate from the radius server.
Solved! Go to Solution.
07-10-2015 01:49 PM
07-10-2015 02:01 PM
No, we do not have clearpass
We have a domain-computer role which includes logon-control (dns, dhcp, icmp) and (allow domain controller) policy which gives full access to the domain controllers.
07-10-2015 02:03 PM
Generally slow logon times mean something is being blocked.
Just to test, can you change that role to have an allowall and see if it speeds up?
If so, remove the allowall and then use the "show datapath session table <client-ip> | include D" command to see what is being blocked during the logon process.