Administrator Guide
98 | Preparing for Active Directory Authentication Dell Networking W-ClearPass Deployment Guide
Figure 88 W-ClearPass Server Added to the Active Directory Domain
The Join AD Domain status screen indicates that the services have restarted. As shown in Figure 88, the
final INFO line states that the selected W-ClearPass server joined the domain.
5. Click Close.
You return to the Server Configuration page, and it now shows that the W-ClearPass server is joined to
the domain.
Figure 89 W-ClearPass Server Joined to Domain
Now that the W-ClearPass Policy Manager server has joined the domain, the server can authenticate users
with Active Directory.
About the Authentication Source and the Authorization Process
During the NTLM authentication process, W-ClearPass queries Active Directory for a suitable domain controller
to use to handle the authentication. Please note that when used with 802.1x EAP-PEAP-MSCHAPv2 services,
the authentication process is separate from the Active Directory authentication source in W-ClearPass, which in
this context only handles authorization.
Optionally, you can configure a list of domain controllers to be used for MSCHAPv2 authentication, as
described in the next section, Manually Specifying Active Directory Domain Controllers for Authentication.
If you do not specify this list of domain controllers, all available domain controllers obtained from DNS will be
used for authentication.
Manually Specifying Active Directory Domain Controllers for Authentication
To manually specify Active Directory domain controllers for authentication:
1. Navigate to Administration > Server Manager > Server Configuration.
2. Select the W-ClearPass server name.
The Server Configuration page for the selected server opens by default on the System tab.
3. Click the Modify Password Servers icon (located at the bottom of the System page).