Contributor II

Join clearpass to multiple forest domain

Hello community.

I have a problem joining ClearPass to two domains that do not have a trust relationship between them (different forests). I configured two DNS servers, one from domain A and one from domain B (primary and secondary). When the primary DNS is from domain A, I have no problems joining ClearPass to domain A; the NetBIOS name appears automatically. But when I try to add it to domain B (with DNS A as primary), it doesn't resolve the NetBIOS name of domain B. If I swap the roles and configure a DNS server from domain B as primary, I join domain B without problems, and the NetBIOS name appears automatically. The problem with this is that authentication for users from the domain whose DNS is primary works fine, but authentication for users from the domain whose DNS is secondary doesn't work.

What can I do to resolve this?

 

Guru Elite

Re: Join clearpass to multiple forest domain

The name server defined in ClearPass must be able to resolve the DCs in all of your AD forests.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Contributor II

Re: Join clearpass to multiple forest domain

Thanks cappalli for your fast response.

At this moment the primary DNS of domain A only resolves the name of the DC of domain A, and the DNS (secondary) of domain B only resolves the DC of domain B. You say that the primary DNS needs to resolve the names of both DCs (domain A and B), is that correct?

Guru Elite

Re: Join clearpass to multiple forest domain

Correct.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
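
The behaviour discussed in this thread, as an added example that is not part of any post above and is not ClearPass code: a small model of a client that tries its name servers in order and moves to the next one only when a server does not answer at all. It assumes standard stub-resolver failover; the zone names, host names and the conditional forwarder (one common way to let a single name server resolve the DCs of both forests) are constructed for illustration.

```python
# Added example: model of primary/secondary DNS failover for AD DC lookups.
# All domains, hosts and server names are constructed for illustration.

SRV = "_ldap._tcp.dc._msdcs."  # SRV record prefix used to locate AD domain controllers


class NameServer:
    def __init__(self, name, records, forwarders=None, up=True):
        self.name, self.records, self.up = name, records, up
        self.forwarders = forwarders or {}  # zone suffix -> NameServer (conditional forwarder)

    def query(self, qname):
        if not self.up:
            raise TimeoutError(self.name)       # no answer at all
        if qname in self.records:
            return "NOERROR", self.records[qname]
        for zone, target in self.forwarders.items():
            if qname.endswith(zone):
                return target.query(qname)      # hand the query to the other forest's DNS
        return "NXDOMAIN", []                   # a definite "no such name" answer


def stub_resolve(qname, servers):
    """Try servers in order; fail over only when a server does not answer."""
    for server in servers:
        try:
            rcode, answer = server.query(qname)
        except TimeoutError:
            continue
        return server.name, rcode, answer       # NXDOMAIN is an answer: no failover
    return None, "SERVFAIL", []


def check_forests(domains, servers):
    """Map each AD domain to whether its DC SRV record resolves."""
    return {d: stub_resolve(SRV + d, servers)[1] == "NOERROR" for d in domains}


# Constructed setup mirroring the thread: each DNS server knows only its own forest.
dns_a = NameServer("dns-a", {SRV + "a.example": ["dc1.a.example"]})
dns_b = NameServer("dns-b", {SRV + "b.example": ["dc1.b.example"]})
DOMAINS = ["a.example", "b.example"]


def demo():
    before = check_forests(DOMAINS, [dns_a, dns_b])
    dns_a_fixed = NameServer("dns-a", dns_a.records, forwarders={"b.example": dns_b})
    after = check_forests(DOMAINS, [dns_a_fixed, dns_b])
    return before, after


if __name__ == "__main__":
    print(demo())
```

In the "before" case the primary answers NXDOMAIN for domain B, so the secondary is never asked; the secondary is consulted only if the primary is unreachable.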