Security

Reply
Contributor II
Posts: 55
Registered: ‎03-03-2011

Clearpass Policy Manager - AD sAMAccountName & userPrincipalName

I'm in the process of setting up a Clearpass Policy Manager server for our wireless infrastructure and I'm stuck on the configuration of the AD Source, particualarly since in our AD infrastructure we use BOTH sAMAccountName and userPrincipalName.

 

I was able to get it working with userPrincipalName by going into Sources -> My AD Server -> Attributes -> Authentication -> Edit/Modify -> Filter Query:

 

(&(objectClass=user)(userPrincipalName=%{Authentication:Username}))

 

However how do I change this filter query to support both searches for sAMAccountName and userPrincipalName?

 

Thanks

Guru Elite
Posts: 8,458
Registered: ‎09-08-2010

Re: Clearpass Policy Manager - AD sAMAccountName & userPrincipalName

Is your UPN just your sAMAccountName@domain.xyz ?


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor II
Posts: 55
Registered: ‎03-03-2011

Re: Clearpass Policy Manager - AD sAMAccountName & userPrincipalName

No, they are completely different

 

For example, they are setup as 'first.last@domain.com' and sam is 'flast'

Guru Elite
Posts: 8,458
Registered: ‎09-08-2010

Re: Clearpass Policy Manager - AD sAMAccountName & userPrincipalName

[ Edited ]

Try this filter:

 

(|(&(objectClass=user)(sAMAccountName=%{Authentication:Username}))(&(objectClass=user)(userPrincipalName=%{Authentication:Username})))

 


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor II
Posts: 55
Registered: ‎03-03-2011

Re: Clearpass Policy Manager - AD sAMAccountName & userPrincipalName

Thanks Tim that did it!

Search Airheads
Showing results for 
Search instead for 
Did you mean: