Why is a new user that was created in Active Directory unable to connect wirelessly for the first time?

Aruba Employee
Aruba Employee

Product and Software: This article applies to all Aruba controllers and ArubaOS 3.x and 2.x.

When you create a new user in the Active Directory, you must connect the user for the first time using the wired network so that the client gets network connectivity and the credentials reach Active Directory for authentication. Only after the user credentials have been cached, the system can have the user login in using wireless on subsequent attempts.

A new user has no cache, so the login fails.


To overcome this situation, you could implement machine authentication. The machine credentials are validated and the client is put in an 802.1x machine role, which gives the user access to the network for him to login with a new credential. When you implement machine authentication, you must terminate the dot1x tunnel on the authentication server. You also need the necessary server certificates on the IAS server. (EAP termination does not support machine authentication.)

Version history
Revision #:
1 of 1
Last update:
‎07-05-2014 08:35 AM
Updated by:
Labels (1)
Search Airheads
Showing results for 
Search instead for 
Did you mean: