11-18-2013 09:32 AM
A user's AD account is getting locked out from our Aruba system, but she doesn't have a laptop..so there is no reason why her PC should even be trying to authenticate to the Aruba System.
This is the message I am seeing in Clearpass.
RADIUS MSCHAP: AD status:Account locked out (0xc0000234)
MSCHAP: AD status:Account locked out (0xc0000234)
MSCHAP: Authentication failed
EAP-MSCHAPv2: User authentication failure
How do I track down what device could be using her AD account to log into the Aruba system?
11-18-2013 09:54 AM
From the auth record, lookup in the MAC address in the endpoints database. Hopefully, you have device profiling configured within ClearPass. If this is a user auth into a website (like controller UI), look for the Radius NAD IP address or Framed IP address and try to track it down from there.
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos
11-18-2013 10:06 AM
Have you tried removing that SSID/Network from her phone? to make sure its not trying to authenticate against that SSID
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA