Security

Reply
Contributor I

clearpass domain user login isse

hi,

we have an cleapass joined to domain,

we are checking if the user authentication only,

domain user is successfully looged in and uathentciated,

our issue when we try to loggoff that user and try to login again wirth different domain user !

we are not able to authenticate that user, till we shut the port ion cisco switch and open it again,

 

any help

Guru Elite

Re: clearpass domain user login isse

Answer: you need to configure machine authentication on the workstation.

 

If you are using 802.1x for authentication, that means the workstation has no connection to the domain until the user authenticates.  Even when the user authenticates via 802.1x, if the user's profile is not on the machine, the user cannot authenticate.  If you configure machine authentication, the workstation with authenticate as a machine and have a connection to the domain at the ctrl-alt-delete screen, so it can download the user's profile when the user logs in.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Guru Elite

Re: clearpass domain user login isse

Answer: you need to configure machine authentication on the workstation.

 

If you are using 802.1x for authentication, that means the workstation has no connection to the domain until the user authenticates.  Even when the user authenticates via 802.1x, if the user's profile is not on the machine, the user cannot authenticate.  If you configure machine authentication, the workstation with authenticate as a machine and have a connection to the domain at the ctrl-alt-delete screen, so it can download the user's profile when the user logs in.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I

Re: clearpass domain user login isse

i have already configured the workstation to accept user or machine authentication, and i unchecked the windows user name and password from the aythentiction tab,

 

it works only when i shut and no shut the cisco port or when the macine restart again

 

 

MVP

Re: clearpass domain user login isse

A new Machine Authentication should happen when you log out and hit ctrl-alt-del to log in again.

I'm assuming your workstation is Windows based. Added a screenshot of how the config should/might look on the machine itself.

 

12.11.jpg

 

For domain laptops you should keep the "Automatically use my windows" ... box checked.


Regards
John Solberg

-ACMX #316 :: ACCP ::
ACSA :: Working on my ACCX!!
Intelecom - Norway
----------------------------
Remember to Kudo if a post helped you! || Problem Solved? Click "Accept as Solution" in a post!
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: