AAA, NAC, Guest Access & BYOD

What is "Strip Username Rules" on CPPM and how to use it

How do we use authentication’s “Strip Username Rules”?

 

This article holds good in CPPM 6.2 and later


What is  “Strip Username Rules” and how do we use it?


rtaImage.png



If we are to authenticate as TestUser@domain.com, we would use a strip username rule that reads “user:@“. If we were to authenticate as “DomainName\TestUser”, the we  would use “\:user”. The key word is “user”, and you can use <symbol><delimiter> or <delimiter><symbol> where the delimiter is “:” and the symbol can be anything that identifies a split between the username and non-username parts of the incoming string.


More insight:

If the user enters his username in the below format:


Username@domain_name.com
 
 In the specific case we would use the Strip username function as “user:@“


This option is compulsory to use because CPPM authenticates using only the "sAMAccountName" which does not contain the domain name.


rtaImage.png

If we do not strip the username, the authentication would fail.

How do I tell CPPM to authenticate the users when they use below?
user@domain.com and domain/user


We can use the strip username rule as shown below.



rtaImage.png
Version history
Revision #:
2 of 2
Last update:
‎06-25-2014 02:09 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.