08-19-2014 02:18 PM
The release notes for CPPM 6.4 talk about this:
A new Service parameter, Re-attempt AD login with different Username formats, lets you
control re-tries with different user name formats to the Active Directory in MS CHAP v2
I couldn't find this. Does anyone know where this option lives in the GUI?
08-19-2014 02:22 PM - edited 08-19-2014 02:23 PM
Server configuration > Service Parameters > Radius server
It's enabled by default.
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
08-19-2014 02:55 PM
Thanks for the reply.
The help file has not been updated with a full description of this option.
But it sure seems like a darned good idea to set this to FALSE to help avoid account lockouts.
08-12-2015 09:51 AM
#1 The username as provided
#2 The samAccountName as returned from the auth source
#3 The full username@domain