Security

Reply
Guru Elite

Re: CPPM AD Authentication Error Message : Reading windind reply failed!

What authentication method are you using with the new source? EAP-TLS or PEAP-MSCHAPv2?

 

You can join CPPM to a domain without rebooting.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
MVP

Re: CPPM AD Authentication Error Message : Reading windind reply failed!

Hopefully I understand correctly, but you are referring to the service portion?

 

Currently in my test service that has this new auth. source I have EAP-TLS and EAP-MSCHAPv2 because this service handles a couple of different scenarios of logon attempts.

 

That is good to know that I can join without rebooting. This might be the easiest thing I can try I guess?

Guru Elite

Re: CPPM AD Authentication Error Message : Reading windind reply failed!

If you're using MSCHAPv2, you need to have your servers joined to AD.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
MVP

Re: CPPM AD Authentication Error Message : Reading windind reply failed!

oh really eh?

That is probably my issue then!

 

Okay I will try and join the CPPM to the AD domain and see if that makes a difference.

 

That explains why this one doesn't work and the other AD sources work because with those we are using EAP-TLS.

 

Sorry, I am sure that is documented somewhere!

 

Thank you for your quick response. I will reply back once I have a chance to test.

 

Just so I am sure, is there any risk in adding the CPPM to AD?

 

Cheers

Guru Elite

Re: CPPM AD Authentication Error Message : Reading windind reply failed!

No risks. It's best practice. It just joins like a standard computer.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
MVP

Re: CPPM AD Authentication Error Message : Reading windind reply failed!

Thanks @cappalli!

 

as per usual your knowledge is a great help!

 

Will report back the results.

MVP

Re: CPPM AD Authentication Error Message : Reading windind reply failed!

Should we explicitly define the name of a single domain controller in the "Domain Controller" field during the AD join wizard?

Guru Elite

Re: CPPM AD Authentication Error Message : Reading windind reply failed!

You can either do that or use the return from DNS option along with the domain name.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
MVP

Re: CPPM AD Authentication Error Message : Reading windind reply failed!

I tried the option 'Use Domain Controller returned by DNS query' but receive the error

 

Failed to join domain: failed to lookup DC info for domain '<domain name>' over 
rpc: Duplicate name on network

 

This error is being caused by the fact that the DNS query for our domain returns multiple IP's?

In this case maybe I should target just a single Domain Controller.

 

I looked at the Active Directory as well to make sure there wasn't already an account that existed for the CPPM and it doesn't look like there is one.

Guru Elite

Re: CPPM AD Authentication Error Message : Reading windind reply failed!

OK, yes, just do a single DC. This is only for the domain join. The actual DCs used in authentication are defined in your authentication source.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: