Have you included your Active Directory in the Authentication Sources for this service? The logs, as Tim indicates, appear to show that ClearPass is only checking the Local User Repository, not the AD.
Log for wrong password in AD would look like Logon failure:
MSCHAP: AD status:Logon failure (0xc000006d)
MSCHAP: Authentication failed
EAP-MSCHAPv2: User authentication failure
For wrong username it would say User not found, like in your case:
AD-arubalab.loc - dc01.arubalab.loc: User not found.
MSCHAP: Authentication failed
EAP-MSCHAPv2: User authentication failure
Please double-check your service, most specific the Authentication sources. I think it is very unlikely that the 0.0.0.0 in the NAS-IP-Address has something to do with your issue at this point in the process.