Hi @marce,

thank you so much for reply and Its all POE and i have done a few off them but nothing change. But firstly only 3 was down (after replace patchpanel keystone jack) then i loging web gui on to WLC i see time was 10hr different then i corrected then reboot from section of WLC command-Reboot-reboot without Save then nothing did same proces Save and Reboot again nothing then i have disconect WLc from power outlet then power up this time only 4 joined/connected rest of them disconect/not joined pls see picture of it. thank you in advance. Ps I am not the IT pro.

  - The software version on the controller is way to old as per https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/200046-tac-recommended-aireos.html
    you should use https://software.cisco.com/download/specialrelease/9a6a7cf84f9fdf04b95c76e2ac7820e7

    Because there is a reasonable chance that in between corticates of APs got expired after a long uptime before
   Then according to https://www.cisco.com/c/en/us/support/docs/field-notices/639/fn63942.html
  You can use command as in : ap cert-expiry-ignore {mic|ssc} enable
  
                      You don't have these commands available in 8.0

  M.

Hi @marce, thanks for the reply and it was the cert issue so follow this link https://www.cisco.com/c/en/us/support/docs/wireless/aironet-700-series-access-points/218447-ios-ap-image-download-fails-due-to-expir.html

So only used step 3 at the  "Workaround" but i haven't still restarted/rebbot WLC yet, Just a bit scare to lost all connection of it.

(AireOS WLC)> show time
Time............................................. Fri Dec  2 00:00:02 2022

C9800#show clock
00:00:02.573 <TIMEZONE> Fri Dec 2 2022

all the other steps didn't work. After put above date all connected accept 6 off them. . Im still trying to figure it out. See the attachments pls with picture and Most recent Traps. Anyway So my understanding per your link Cisco WLC 2504 can go latest AireOS Release 8.5.182.12. Looks like everything needs to update/upgrade my site

Workaround

If you are not running fixed software, follow these steps to allow the IOS APs to join.

1. Disable NTP, to prevent the controller from automatically setting its time forward.
   

AireOS:
(AireOS WLC)>show time

make a note of all configured NTP servers, and delete each one:

(AireOS WLC)>config time ntp delete <INDEX_Number>

IOS-XE:
C9800#show run | i ntp 
ntp server ip <NTP_SERVER_IP1>
C9800#config terminal  
(config)#no ntp server ip <NTP_SERVER_IP1> ! for each configured NTP server

2. Change the date on the WLC to something before December 4, 2022 but not before November 1, 2022, as it may invalidate the certificate in the controller or in newer APs. 

(AireOS WLC)> config time manual 12/02/22 00:00:00

C9800#clock set 00:00:00 2 Dec 2022

3. Verify that the time on the WLC has changed

(AireOS WLC)> show time
Time............................................. Fri Dec  2 00:00:02 2022

C9800#show clock
00:00:02.573 <TIMEZONE> Fri Dec 2 2022

4. Wait for all of the APs to come up in Registered state with the new image. 

Note: In some cases, an AP reboot may be required after date change to get the AP joined. But please be sure to wait at least 30 minutes to allow AP to join back before rebooting APs

5. Enable NTP again

(AireOS WLC)>config time ntp server 1 <NTP_SERVER_IP1>

C9800#configure terminal
(config)#ntp server ip <NTP_SERVER_IP1>

6. Save the configuration

(AireOS WLC)>save config
Are you sure you want to save? (y/n) y

C9800#write memory

7. Re-verify clock on the WLC

(AireOS WLC)>show time
C9800# show clock

   -  As I have said there is a big chance that the certificates have expired and you can't solve that with the version that the controller is running 
  (Repeated) :  as per https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/200046-tac-recommended-aireos.html
    you should use https://software.cisco.com/download/specialrelease/9a6a7cf84f9fdf04b95c76e2ac7820e7

    Because there is a reasonable chance that in between corticates of APs got expired after a long uptime before
   Then according to https://www.cisco.com/c/en/us/support/docs/field-notices/639/fn63942.html
  You can use command as in : ap cert-expiry-ignore {mic|ssc} enable
  
                      You don't have these commands available in 8.0

  M.

Hi Konstantin,

Thank you so much for this and I can connect Via web and also via Putty on to WLC 2504. How i can check certificate. Ps: I m not IT pro. thank you so much on advance

OK, let's start from the easiest point... Do you have a physical view to you AP that did not join? Any led indication (on or off ?

Are these APs connected to the same network switch as working ones?

Thanks, All shows Staedy Green and and connected different cisco switches (so every switch first 4 port configured for APs). So 2 working one same switch other different switch. And also my understanding at the same 1.switch 4 APs connected 2 works/joined 2 not,  2.switch 4 APs connected 1 works/joined 3 not, 3.swithc 2 APs connected 1 works/joined 1 not, and rest of them shows with green lights not joined except 2APs "AP Name" shows N/A at the WLC web loging page.(After tried Reset - disconnect AP from power (PoE) press and hold 'mode' button while reconnect - hold mode button until LED turns continuous red). Thank you so much.

  - You need to provide the full boot sequence (output) of one of the none-working APs

   M.