Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

CPPM - Failed to join domain: failed to connect to AD: Operations error

  • 1.  CPPM - Failed to join domain: failed to connect to AD: Operations error

    Posted May 26, 2015 09:03 PM

     

    Hello,

     

    When trying to join ClearPass to an AD domain, it is failing due to "Operations error".

     

    Join domain failed    
    Adding host to AD domain...
    INFO - Fetched REALM 'XXX.LOCAL' from domain FQDN
    'YYY.XXX.local'
    INFO - Fetched the NETBIOS name 'EU'
    INFO - Creating domain directories for 'EU'
    Enter -USER's password:
    >>>>  Failed to join domain: failed to connect to AD: Operations error <<<<
    INFO - Restoring smb configuration
    INFO - Restoring krb5 configuration file
    INFO - Deleting domain directories for 'EU'
    ERROR - ServerName failed to join the domain XXX.LOCAL
    with domain controller as YYY.XXX.local
    Join domain failed

     

    ClearPass has connectivity to the DC and the FQDN resolves to the correct IP@ and finds the NETBIOS name correctly.

     

    I am wondering if the firewall might be blocking port 389. Is there a CLI command I could use to test this port?

     

    Thank you,

     

    David Sanchez



  • 2.  RE: CPPM - Failed to join domain: failed to connect to AD: Operations error

    EMPLOYEE
    Posted May 26, 2015 09:05 PM

    You can test authentication against a domain by using:

     

     auth -u <username> -n <domain NETBIOS name>


  • 3.  RE: CPPM - Failed to join domain: failed to connect to AD: Operations error

    Posted May 27, 2015 01:22 AM

     

    Hello Tim,

     

    Thank you for your reply.

     

    I've tried that command already and it didn't work. For it to be used, CPPM needs to be part of the domain first, and I am stuck in the process of joining the AD.

     

    I am waiting for confirmation of port 389 by the firewall team and will post the outcome.

     

    DS
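
Added example, not part of any post above: a TCP check for port 389 and the other ports a domain join typically uses, which separates a silent firewall drop (timeout) from a reachable host with nothing listening (reset). It is assumed to run with Python 3 on a general-purpose host in the same network segment as ClearPass; the port list beyond 389 and the hostname `dc.example.local` are assumptions, not values from the thread.

```python
"""Classify TCP reachability of the ports an AD join depends on."""
import errno
import socket
import sys

# Assumed port set: the thread only names 389; the others are the usual
# DNS/Kerberos/SMB ports a domain join also talks to.
AD_JOIN_PORTS = {53: "dns", 88: "kerberos", 389: "ldap", 445: "smb", 464: "kpasswd"}


def probe(host, port, timeout=3.0):
    """Return 'open', 'refused', 'filtered' or 'error:<reason>' for host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # three-way handshake completed
    except ConnectionRefusedError:
        return "refused"         # RST came back: host reachable, nothing listening
    except socket.timeout:
        return "filtered"        # no answer at all: typical of a firewall drop
    except socket.gaierror as exc:
        return "error:dns:%s" % exc.strerror
    except OSError as exc:
        # EHOSTUNREACH / ENETUNREACH point at routing or an ICMP reject rule
        return "error:%s" % errno.errorcode.get(exc.errno, str(exc))


def check_dc(host, ports=AD_JOIN_PORTS, timeout=3.0):
    """Probe every port and return {port: state}."""
    return {port: probe(host, port, timeout) for port in ports}


def blocked(results):
    """Ports that are not 'open', sorted, for handing to the firewall team."""
    return sorted(p for p, state in results.items() if state != "open")


if __name__ == "__main__":
    # Placeholder hostname; pass the real domain controller FQDN as argv[1].
    dc = sys.argv[1] if len(sys.argv) > 1 else "dc.example.local"
    results = check_dc(dc)
    for port, state in sorted(results.items()):
        print("%-5d %-9s %s" % (port, AD_JOIN_PORTS.get(port, "?"), state))
    sys.exit(1 if blocked(results) else 0)
```

A result of `filtered` on 389 while other ports are `open` is the pattern to take to the firewall team; `refused` means the packet reached the host and the service is not listening there.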