Security

last person joined: 19 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Windows Server admin access via CP RADIUS authentication by using AD credentials

This thread has been viewed 1 times

  • 1.  Windows Server admin access via CP RADIUS authentication by using AD credentials

    Posted Dec 11, 2017 03:17 AM

    Hi Community,

     

    I wanted to use CP as RADIUS server for Windows server admin login by using AD credentials. How I can make Windows server as RADIUS client? Do I need agnet to install on windows server? What would be the enforcement profile on CP to give "read-only" and "read-write" access to AD users?

    Any help in this regarding will be much appreciated.

     

    Regards,

     

    HSHA

     

     



  • 2.  RE: Windows Server admin access via CP RADIUS authentication by using AD credentials

    EMPLOYEE
    Posted Dec 11, 2017 08:10 AM
    Windows does not support RADIUS-based login.


  • 3.  RE: Windows Server admin access via CP RADIUS authentication by using AD credentials

    Posted Dec 12, 2017 07:17 AM

    Thnaks TIM..

    But is there any work around to implement this?

     

     



  • 4.  RE: Windows Server admin access via CP RADIUS authentication by using AD credentials

    EMPLOYEE
    Posted Dec 12, 2017 08:08 AM
    No, there's not. I really don't understand the goal here. Makes no sense.


  • 5.  RE: Windows Server admin access via CP RADIUS authentication by using AD credentials

    Posted Dec 12, 2017 11:25 PM

    The goal here is to give Admin access and limited access to AD users base on their credential by using clearpass RADIUS based authentication for Windows server's login.

    Its the same concept like for any other NAD devices (i.e. switches, routers, linux servers etc.)



  • 6.  RE: Windows Server admin access via CP RADIUS authentication by using AD credentials

    EMPLOYEE
    Posted Dec 12, 2017 11:28 PM
    If ClearPass is using AD as the authentication source, why would you want a server to authenticate against ClearPass instead to directly to AD?

    Either way, it can’t be done. Windows does not support RADIUS-based authentication for interactive log in. Sorry.