What you show in your screenshot is the domain join, which is only needed for MSCHAPv2 (PEAP) and should not be used anymore.
If you have a forest of domain and multiple subdomains, for LDAP (Active Directory Authentication Source) you should configure a global catalog in your domain (typically on the top level controllers) and configure ClearPass to work with that. It listens on different ports, 3268 (non-SSL) and 3269 (SSL/LDAPS).
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your HPE Aruba Networking partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact HPE Aruba Networking TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or HPE Aruba Networking.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Feb 09, 2025 10:40 PM
From: MrPhan
Subject: Aruba clearpass add active directory done but not working
Hello,I have a parent active directory (Main AD) and many child active directorys (Sub ADs). I have added 01 child AD, but when I add a second child AD, this Sub AD still be added but it doesn't work.
i can Search Base DN
But, it dont work, i try test policy simulation, it cannot see that Sub AD
I tried deleting, and then add Sub AD again, reboot..., but it didn't work. I wonder why the other subdomain still works.
Any ideas to fix this problem?
Thanks & BR!