Configuring Active Directory Domain Authentication; Leaving An Active Directory Domain - Aruba Networks PowerConnect W Clearpass 100 Software Deployment Manual

The following options are available in the Authentication drop-down list:
MS-CHAPv2 – Encrypted password – Use this option to encrypt the user's password using the MS-

CHAPv2 authentication method and verify it with the server. A successful authentication using this
method can only be performed when the ClearPass Guest server has joined the domain.
Plain text password – Use this option to perform a plain-text verification of the user's password.


Configuring Active Directory Domain Authentication

After joining the domain, an additional step is required in order to perform user authentication.
The username and password of a domain user is required to perform an LDAP bind to the Active Directory
domain controller, so that LDAP search operations can be performed for other user accounts in the
directory. The credentials provided do not need to be those of a domain administrator; a restricted user
account may be provided here. Only user lookup operations are performed with this user account.
To provide the domain credentials that will be used when authenticating via LDAP, click the
Active Directory authentication link on the RADIUS > Active Directory Services page.

Leaving an Active Directory Domain

To remove the server from the domain, click the Leave Domain command link on the RADIUS >
Authentication > Active Directory page.
As with joining the domain, the credentials for a domain administrator are required to perform this
operation.
160 | RADIUS Services
Configure
ClearPass Guest 3.9 | Deployment Guide