10-27-2016 03:27 AM
ClearPass can apparently use variables in x.509 certs, presented by clients within EAP-TLS auth, to change the role which is applied to individual clients. How do I find out more about how ClearPass is configured to do this? Also; how do I find out how these cert variables might be manipulated, when the certs themselves are generated by CP OnBoard? E.g. I want an OB user, approved by one Sponsor, to obtain different network access rights to a second OB user, approved by a different Sponsor...
10-28-2016 05:25 AM
Er... I think I may have found my own answer here, via this post: https://community.arubanetworks.com/t5/AAA-NAC-Gue
Anyone confirm that I'm on the right track..?