Super Contributor II

clearpass regular expressions


I've got a clearpass service that is used to authenticate our eduroam users against our AD service.


Amongst other things service selection is done by checking that radius:ietf:User-Name contains which is our standard eduroam realm.


AD authentication is set up to strip off the suffic and also , if present to remove our AD domain prefix (ITSYORK)


I thought that I could use match_regex specifying




to select the service based upon the User-Name  is but the above doesn't work. What should I be specifying?





Guru Elite

Re: clearpass regular expressions

I usually just do


Authentication:Full Username             ENDS_WITH


You don't want to allow DOMAIN\ on eduroam. It is not valid and users will not be able to connect at other universities.


Take a look here at how you can work around this:


Tim Cappalli | Aruba Security
@timcappalli | | ACMX #367 / ACCX #480
Search Airheads
Showing results for 
Search instead for 
Did you mean: