Security

Reply
Contributor II

Clearpass Policy Manager - AD sAMAccountName & userPrincipalName

I'm in the process of setting up a Clearpass Policy Manager server for our wireless infrastructure and I'm stuck on the configuration of the AD Source, particualarly since in our AD infrastructure we use BOTH sAMAccountName and userPrincipalName.

 

I was able to get it working with userPrincipalName by going into Sources -> My AD Server -> Attributes -> Authentication -> Edit/Modify -> Filter Query:

 

(&(objectClass=user)(userPrincipalName=%{Authentication:Username}))

 

However how do I change this filter query to support both searches for sAMAccountName and userPrincipalName?

 

Thanks

Guru Elite

Re: Clearpass Policy Manager - AD sAMAccountName & userPrincipalName

Is your UPN just your sAMAccountName@domain.xyz ?


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor II

Re: Clearpass Policy Manager - AD sAMAccountName & userPrincipalName

No, they are completely different

 

For example, they are setup as 'first.last@domain.com' and sam is 'flast'

Guru Elite

Re: Clearpass Policy Manager - AD sAMAccountName & userPrincipalName

Try this filter:

 

(|(&(objectClass=user)(sAMAccountName=%{Authentication:Username}))(&(objectClass=user)(userPrincipalName=%{Authentication:Username})))

 


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor II

Re: Clearpass Policy Manager - AD sAMAccountName & userPrincipalName

Thanks Tim that did it!

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: