Contributor I

Clearpass - Strip Username Rule Challenge



I've ran into an issue when I strip the domain if the users enter their full e-mail address in the authentication form in a captive portal. I'm using the "user:@" strip rule which works fine for AD authentication source but the full e-mail username is needed for Clearpass guest auth source accounts. With this strip rule active users can't login with guest accounts. I don't have the luxury of disabling the rule since some AD users still use their full e-mail to authenticate at times.


Anyone have any ideas of how to solve this challenge? I thought that I could possibly use @ouraddomain as separator for AD users but that does not appear to be allowed.





Guru Elite

Re: Clearpass - Strip Username Rule Challenge

I have run into this and solved it by using a separate employee web login page with two different services. You can key off the page name in the service rules.

Tim Cappalli | Aruba Security
@timcappalli | | ACMX #367 / ACCX #480
Search Airheads
Showing results for 
Search instead for 
Did you mean: