Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

RSA Radius - User not found in CPPM

This thread has been viewed 1 times

  • 1.  RSA Radius - User not found in CPPM

    Posted Mar 10, 2018 08:08 AM

    Hi all,

     

     

    we have two identity stores - RSA SecureID and AD. Only a couple of users are configured in our RSA server. I configured a Radius service with authentication RSA as first in the list and AD as second. Problem is that CPPM never asks the AD. It simply rejects the user by the RSA server. 

     

    ->Example RSA user exists -> Accept send back the CPPM -> OK

    ->Example RSA user does not exists -> Reject send back to CPPM -> no ok

     

    So basically as soon as a reject is send from the RSA the next identity in the sequence should be requested. Is there a way to do it? In Cisco ACS environments i am able to set how a reject is threat - as user not found or as a real reject. Can i do the same with CPPM? 

     



  • 2.  RE: RSA Radius - User not found in CPPM

    EMPLOYEE
    Posted Mar 10, 2018 08:10 AM
    If the user is found in the identity store, that source will be used for authentication.