Security

Reply
Occasional Contributor I
Posts: 6
Registered: ‎03-18-2013

UPN authentication with clearpass and active directory

I have Clearpass authenticating iPhones and Androids.  I need to pass the UPN authentication from Clearpass to Active Directory to have Clearpass make a decision.  Both phones authenticate via a certificate.

 

My Android phones authenticate with the AD SAM username. EX ncci/ncdlt. The iPhones try to authenticate with the UPN. EX daniel_tominovich@ncci.com.  The Androids work and the iPhones do not.

How do I get Clearpass to pass the UPN on to AD for authentication?

Guru Elite
Posts: 8,203
Registered: ‎09-08-2010

Re: UPN authentication with clearpass and active directory

Under the authentication tab (at the bottom), try stripping the domain using the "user:@" syntax.

Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
Occasional Contributor I
Posts: 6
Registered: ‎03-18-2013

Re: UPN authentication with clearpass and active directory

I tried that and it had no effect on the authentication.

Thanks

Occasional Contributor I
Posts: 6
Registered: ‎03-18-2013

Re: UPN authentication with clearpass and active directory

Changing from this:

 

(&(objectClass=user)(sAMAccountName=%{Authentication:Username}))


to this:
(|(&(objectClass=user)(sAMAccountName=%{Authentication:Username}))(&(objectClass=user)(userPrincipalName=%{Authentication:Username})))

 

was the fix.

Search Airheads
Showing results for 
Search instead for 
Did you mean: