ClearPass, Read-only Domain Controller (RODC) and PEAP-MSCHAPv2

Today we're having a look at how to use a ClearPass Subscriber with a Read-Only Domain Controller.
This setup is typically for branch offices where the Activate Directory and NAC services should be hosted locally to overcome WAN failures. 


This post will primarily cover the "AD status:No trusted SAM account (0xc000018b)" error, when using PEAP-MSCHAPv2.