We have 3 Clearpass 6.7.10 5k (or whatever they're called now) running in a publisher-subscriber setup. All of our infrastructure is in-house, running on Vmware. We have 3 domain controllers that we're querying via the Primary, Backup 1, and Backup 2 tabs. Mysteriously, the Primary hostname keeps changing to 'localhost', using port 6432. We change it back, and a week or so later, it flips back again. The incorrect hostname shows up on all three Clearpass servers. That domain controller works fine for other uses, and before the hostname gets changed, we can tell that it is being queried successfully by Clearpass. After we correct the hostname, we can browse the domain via Clearpass. There's nothing in the logs that we can find which could explain the issue. TAC has been involved for quite some time, but they're stumped.
OK, after some digging, we discovered that the hostname changes when we clear the cache for the auth source. The audit viewer shows that the user who cleared the cache changed the hostname, which is untrue. This looks like a bug to me.
Any resolution? I'm seeing a similar behavior with one of my domain controllers.
No, we have not found any resolution to this problem. The workaround, which is to change the primary hostname every time you clear the cache, is not ideal.
Does this only happen to the primary? Have you tried putting the backup 1 or backup 2 as the primary to see if it still happens?
It only happens to the primary. Yes, we've shuffled them around, and it reliably happens to the primary.
© Copyright 2023 Hewlett Packard Enterprise Development LPAll Rights Reserved.