Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Read Only Domain Controller causing user authentication problems

This thread has been viewed 4 times

  • 1.  Read Only Domain Controller causing user authentication problems

    Posted Oct 07, 2015 01:16 PM

    Hi:

    We're running MSCHAP authentication for users to an AD domain.

    A few weeks ago we put a read only domain controller online at another site (online 24/7 via VPN tunnel).

    All was fine until today when Clearpass decided to start using the RODC to authenticate users. All user authentication failed.

    When I typed 'show domain' from the console, it listed the RODC as the 'Domain Server Ip Address'.

    Once I shut down the tunnel to the RODC, clearpass went back to using local servers. 

    How to I force Clearpass to use local servers for user auth?

    Configuration » Authentication » Sources lists only the local servers for primary and backups.

    Administration » Server Manager » Server Configuration lists only the local severs under the AD Domains section.

    What else do I need to do to force local server auth?

     

    Thanks,

    Tony



  • 2.  RE: Read Only Domain Controller causing user authentication problems

    EMPLOYEE
    Posted Oct 07, 2015 05:00 PM

    Tony1234,

     

    I don't know if there is a problem with read-only domain controllers or not.  To restrict the domain controllers to only the ones you want to contact, you can do this:

     

    Go to Administration > Server Manager > Server Configuration > Click on Server > and click on a little tiny icon called "Password Servers" at the bottom.  You can then add the ip addresses tht you want mschapv2 restricted to for authentication.

    passwordservers.png