like i said, there is the possibility that the user connected to a rogue AP and provide them the AD credential. for integration with existing SSO, any link related to this?
i am thinking about another workflow for secure onboard provisioning:
let say the user first complete guest registration like any other guests do. After that they will sign in using the credential sent to their email.
After this, Clearpass will use two different workflow for guest and BYOD by checking the email domain entered in the guest registration. If the domain is the user corporate domain, letsay xyz.com, then clearpass will redirect the user to onboarding portal, otherwise they will automatically get internet access. This will ensure the user to fill AD credential on onboarding portal to the correct corporate WLAN
can we do this?