Security

Reply
New Contributor

Clearpass Guest - AD Authentication

I'm brand new to Clearpass and I've been following the Clearpass Solution Guide for Wired Policy enforcement for Cisco switches, and everything is working great except a guest user that has an AD account. When they try to login with their AD account they get "Invalid username or password" and I don't see any request show up in access tracker.

 

I've been trying to figure this out for hours, and I finally discovered the checkbox "Perform a local authentication check" in the Login Form.  I disabled this, and now AD auth is working.  Is this the correct way to allow AD authentication?  I wanted to make sure since I didn't see the Solution Guide mention anything about it.

Guru Elite

Re: Clearpass Guest - AD Authentication

Yes, if you’re using AD with web login, that needs to be changed to RADIUS or Application or be disabled all together (not recommended).

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor

Re: Clearpass Guest - AD Authentication

I don't see the options you mentioned in the guest self-registration portal I am using (attached).

Guru Elite

Re: Clearpass Guest - AD Authentication

You need to use a web login form to support both.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor

Re: Clearpass Guest - AD Authentication

Remember I'm new to this, so I might need a bit more info.  I see that I can create a separate web login page, but how do I integrate this with the self-registration portal? Thanks for the help so far!

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: