Just a quick note or heads up regarding client exclusion policies.
I got called out to a facility because three laptops stopped working. I got on site and my laptop immediately worked so I knew it wasn't the network or that DHCP got full somehow.
Rebuilding the profiles didn't do anything so when I got on site I saw that those three MAC addresses were excluded probably because they failed to do something. I un-excluded them and removed the default policies. This still didn't work. After an hour or so of banging my head I checked the other controllers to see if any of their clients were excluded and I found the same three macs on another controller for another facility. The only thing I can think of is it was already broken and then the controller blinked and shot those AP's to the wrong controller...and then came back.
If any clients are excluded they are apparently excluded everywhere. Be sure to check all controllers for remnants to get everyone back up online.
So far the only people who get excluded are supposed to be there so I'm on the fence as to whether or not this is a good thing.
my laptop uses two wnic (wireless nic, that is). intel (on-board) and cisco abg pc card. i was confidently using the cisco wnic when after i tried something with the controller and failed to associate for some time, it was excluded from the controller. with this, the cisco wnic is unable to get associated. i've tried reconfiguring the controller to which i know the cisco wnic was registering, but all in vain. so i stopped using the cisco wnic and used the intel instead. and now came the hopeful solution. hehe... luckily, the controllers are still not in the production.
i've 6 controllers, so it could probably be the same case as yours. let me go and check this.