Security

Reply
Highlighted
Occasional Contributor II

Clearpass with AD using Cert

Good day Team!

 

I am kind of new with the clearpass and AD. I have a question. 

 

I have been trying to authenticate a user with an AD using certificates but I keep getting a message that the user is not found in the AD. 

 

I have been changing the CN and the OU to try to catch a match betwwen my machine and Active directory using Clearpass. I believe that the configuration on the Clearpass is wrong. 

 

I want to ask you guys a couple of questions. 

 

 

I attached the configuration of the clearpass and the attributes as well. I want to know if that base DN is the directory that is going to be used on on the AD to look for the customer. And on the second picture, I wanna ask if that is set by default or manually? 

 

One more question: How do I specify an "any" expresion on the OU field. I want it to know that it has to look in all OUs configured on the AD. The expresion that comes to my mind is "*"

 

Thanks !

 

 

 

Guru Elite

Re: Clearpass with AD using Cert

What is the format of the username shown in access tracker? (Authentication:Full-Username)


Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Clearpass with AD using Cert

Thank you for your reply!

 

here is the username: UNAD\aron.gutierrez

Guru Elite

Re: Clearpass with AD using Cert

Do you have username stripping enabled in your service? This is required for legacy down level logon name username formats.

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Clearpass with AD using Cert

Hello! 

 

No, its not enabled. I am looking into this right now. 

 

 

Occasional Contributor II

Re: Clearpass with AD using Cert

I enabled the feature but it keep saying that the full username is UNAD\aron.gutierrez. 

Guru Elite

Re: Clearpass with AD using Cert

Is it still failing?

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Clearpass with AD using Cert

Yes Sir, it is still failing 

Guru Elite

Re: Clearpass with AD using Cert

Please post a screenshot of the strip rule.

Tim Cappalli | Aruba Security
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II

Re: Clearpass with AD using Cert

Sure! 

 

Here is the screenshot

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: