AAA, NAC, Guest Access & BYOD

How to Authenticate Endpoints with its attribute value

by ‎09-08-2016 09:53 AM - edited ‎09-08-2016 09:53 AM
Requirement:

Consider an Endpoint is updated with a particular attribute "Owner" and its value updated as "test". If there is a requirement to authenticate all EndPoints with same attributes only should be authenticated, we can create a new Authentication source and use custom SQL to authenticate the device.



Solution:

The below SQL allows the device to authenticate with the attribute value

   SELECT e.mac_address AS User_Password FROM tips_endpoints e
   LEFT JOIN tips_endpoint_tag_mappings m ON e.id = m.instance_id
   LEFT JOIN tips_tag_values v ON v.id = m.tag_value_id
   LEFT JOIN tips_tag_definitions d ON d.id = v.tag_id
   WHERE d.name= 'Owner' AND v.tag_value='test' AND e.status ='Known' AND mac_address = LOWER('%{Connection:Client-Mac-Address-NoDelim}');

 



Configuration:

Navigate to Configuration » Authentication » Sources and create a new Authentication Source as below

 

 

 

 

 



Verification

The Endpoint is added with an Attribute value of test as shown below

 

 

 

Screenshot showing successful Authentication against new Authentication source

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.