One particular user is keep getting locked out from AD only when he is on wireless.
2 7210 Controllers
Symptom: The user logon into his laptop and connect to the network via wireless. On CPPM Asset Tracker, i can see him connected first as Machine Auth and afterward, User Auth. About 5 minutes later, I am seeing the laptop sending an Authenication request and being rejected by Clearpass due to BadPassword. His laptop is doing this every minutes to the point where it lock out his AD account. I have updating the NIC driver and even put the user on 5 different laptops. It does the same thing from all of the 5 laptops. All the bad password attempt are coming from the Mac Address of the laptop that he is currently using at the time.
When we disabel his wireless NIC, we stop seeing attempt request (disable NIC for 4 hrs). As soon as we enable wireless again, we see the user get authenicate and connected to wireless successufully intially, but then 5-7 minutes later, he is getting rejected within Clearpass for bad password attempted every minutes and it won't stop until we disable his wireless NIC.
Do you have a screenshot of the "Alert" tab in Access Tracker when the user is rejected?
Attached is the "Alert" tab from the reject session. I know error code 216 is indicating bad password, but it's not.
did you try removing his AD account and adding it again? does he perhaps have a weird character in the password?
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.