Hello,
I had a customer deployment for CPPM (WLAN) back in Febryary that was working like a charm (AD is Windows Server 2016).
Recently I went back for wired discussion and found out that nothing was working, every user failed authentication.
The error seen while debugging logs with Aruba TAC was "Maybe the DC has Restrict NTLM set or the trust account password was changed and we did't know. Killing connections to domain XYZ."
I found out that the AD had been updated a few times since February..!!
There is no issue with (all have been checked):
- NTP/clock syncing
- service account to bind/password not expire set (lookup is successful from auth source)
- user to join domain is part of domain admins (domain join is successful)
- No NTLM configuration was seen at customer's AD
What is more interesting, when joining CPPM to an older DC that the customer had (no recent updates, on Win 2012) - everything started working again!!
Is there something in Win 2016 updates that "break" that CPPM connection?
Has anyone noticed this error?
I'm trying to find the updates that were applied and dig deeper in MS documentation and research on this.