Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

MAC Authentication appending domain name to user name

This thread has been viewed 0 times

  • 1.  MAC Authentication appending domain name to user name

    Posted May 19, 2015 07:43 AM

    This is a wierd one!

     

    I have multiple HP Comware switches that are all happily doing MAC Auth on wired users, authenticating agains a clearpass service. Except one switch that fails MAC auth for a Windows PC as it can't do service categorization. The reason it cant is because for some reason, the user name passed to Clearpass is not just the mac, but the mac with @domain-name appended to the end.

     

    All switches are using the same version of code, have exactly the same config and all are passing a username of just a mac address, only one switch is adding the domain on the end.

     

    Anyone ever seen this before? It's a windows 7 PC but if I plug it into one of the other switches, it works correctly so I don't think its a Windows issue.

     

     



  • 2.  RE: MAC Authentication appending domain name to user name

    EMPLOYEE
    Posted May 19, 2015 07:46 AM
    Maybe you can ask HP why it does that?


  • 3.  RE: MAC Authentication appending domain name to user name
    Best Answer

    Posted May 19, 2015 07:55 AM

    Ignore me, there is a setting in the RADIUS config called 'user-name-format without-domain' which hadn't been applied on the switch.