03-06-2015 04:26 AM
I've got a clearpass service that is used to authenticate our eduroam users against our AD service.
Amongst other things service selection is done by checking that radius:ietf:User-Name contains @york.ac.uk which is our standard eduroam realm.
AD authentication is set up to strip off the @york.ac.uk suffic and also , if present to remove our AD domain prefix (ITSYORK)
I thought that I could use match_regex specifying
to select the service based upon the User-Name is but the above doesn't work. What should I be specifying?
03-06-2015 11:26 AM
I usually just do
Authentication:Full Username ENDS_WITH @york.ac.uk
You don't want to allow DOMAIN\ on eduroam. It is not valid and users will not be able to connect at other universities.
Take a look here at how you can work around this:
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP