Administrator Guide
100 | Preparing for Active Directory Authentication Dell Networking W-ClearPass Deployment Guide
Figure 92 Leave AD Domain Dialog
4. Enter the Administrator account password.
The Administrator account doesn’t have to be the same account that is used to join the server to the domain—it only
has to be an account that has permissions to do this operation.
5. Click Leave.
The Leave AD Domain status screen appears, with the heading message: “Removing host from the AD
domain.”
When the process is complete, the status screen displays the message: “Removed host from the domain.”
6. Click Close.
When you return to the Server Configuration > System page, the W-ClearPass server is no longer listed
in the AD Domains section.
7. Click Save.
Adding Active Directory as an Authentication Source to W-
ClearPass
This section includes the following information:
l About Authorization
l User Objects
l About the Bind Operation
l Adding Active Directory as an Authentication Source
After you have joined W-ClearPass to the domain, add an authentication source to W-ClearPass in order to
process authentication and authorization against this Active Directory.
This section describes how to add the Active Directory server as an authentication source in W-ClearPass. This
allows W-ClearPass Policy Manager to communicate with Active Directory in order to accomplish authentication
and authorization operations.
If you are using EAP-PEAP-MS-CHAPv2, you must join W-ClearPass Policy Manager to the Active Directory
domain. Joining the Active Directory domain is necessary in order for W-ClearPass Policy Manager to gain
access to the user credential information stored in the Active Directory.
If you are using EAP-TLS for checking client certificates, you don’t need to join the W-ClearPass server to the domain.