Hi:
We're running MSCHAP authentication for users to an AD domain.
A few weeks ago we put a read only domain controller online at another site (online 24/7 via VPN tunnel).
All was fine until today when Clearpass decided to start using the RODC to authenticate users. All user authentication failed.
When I typed 'show domain' from the console, it listed the RODC as the 'Domain Server Ip Address'.
Once I shut down the tunnel to the RODC, clearpass went back to using local servers.
How to I force Clearpass to use local servers for user auth?
Configuration » Authentication » Sources lists only the local servers for primary and backups.
Administration » Server Manager » Server Configuration lists only the local severs under the AD Domains section.
What else do I need to do to force local server auth?
Thanks,
Tony