AAA, NAC, Guest Access & BYOD

 View Only
last person joined: one year ago 

Solutions for legacy and existing products and solutions, including Clearpass, CPPM, OnBoard, OnGuard, Guest, QuickConnect, AirGroup, and Introspect
Back to Library

What is "Strip Username Rules" on CPPM and how to use it 

Jun 23, 2014 03:11 PM

How do we use authentication’s “Strip Username Rules”?

 

This article holds good in CPPM 6.2 and later


What is  “Strip Username Rules” and how do we use it?


rtaImage.png



If we are to authenticate as TestUser@domain.com, we would use a strip username rule that reads “user:@“. If we were to authenticate as “DomainName\TestUser”, the we  would use “\:user”. The key word is “user”, and you can use <symbol><delimiter> or <delimiter><symbol> where the delimiter is “:” and the symbol can be anything that identifies a split between the username and non-username parts of the incoming string.


More insight:

If the user enters his username in the below format:


Username@domain_name.com
 
 In the specific case we would use the Strip username function as “user:@“


This option is compulsory to use because CPPM authenticates using only the "sAMAccountName" which does not contain the domain name.


rtaImage.png

If we do not strip the username, the authentication would fail.

How do I tell CPPM to authenticate the users when they use below?
user@domain.com and domain/user


We can use the strip username rule as shown below.


rtaImage.png

Statistics
0 Favorited
29 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.