Security

Good day Team!

 

I am kind of new with the clearpass and AD. I have a question. 

 

I have been trying to authenticate a user with an AD using certificates but I keep getting a message that the user is not found in the AD. 

 

I have been changing the CN and the OU to try to catch a match betwwen my machine and Active directory using Clearpass. I believe that the configuration on the Clearpass is wrong. 

 

I want to ask you guys a couple of questions. 

 

 

I attached the configuration of the clearpass and the attributes as well. I want to know if that base DN is the directory that is going to be used on on the AD to look for the customer. And on the second picture, I wanna ask if that is set by default or manually? 

 

One more question: How do I specify an "any" expresion on the OU field. I want it to know that it has to look in all OUs configured on the AD. The expresion that comes to my mind is "*"

 

Thanks !

 

 

 

What is the format of the username shown in access tracker? (Authentication:Full-Username)

Thank you for your reply!

 

here is the username: UNAD\aron.gutierrez

Do you have username stripping enabled in your service? This is required for legacy down level logon name username formats.

Hello! 

 

No, its not enabled. I am looking into this right now. 

 

 

I enabled the feature but it keep saying that the full username is UNAD\aron.gutierrez. 

Is it still failing?

Yes Sir, it is still failing 

Please post a screenshot of the strip rule.

Sure! 

 

Here is the screenshot

That looks correct. Please work with Aruba TAC.

Will do! 

 

Thanks for the help!