Security

 View Only
last person joined: 11 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

TACACS to Active Directory Attributes

This thread has been viewed 10 times

  • 1.  TACACS to Active Directory Attributes

    Posted Jun 18, 2021 11:39 AM
    Hello Community...

    I have configured TACAS+ for our cisco switches and is working well.  we use our AD accounts for authentication.
    some of our devices will not permit spaces in usernames so we tend to use the attribute "userPrincipalName" so the user will be frd.smith@domain.

    on our palo alto firewalls we can add a domain modifier to the auth so when a user los in as fred.smith the firewall adds the "@domain" and forwards this to AD.

    is there anyway this can be done on clearpass.  i have tried to add the domain to the filter query but it just ignores it.
    Many thanks in advance..

    Mick​

    ------------------------------
    Michael Ball
    ------------------------------


  • 2.  RE: TACACS to Active Directory Attributes

    MVP GURU
    Posted Jun 22, 2021 03:29 PM
    Hi Michael,

    On the Authentification Tab, do you have look to use Strip name ?

    ------------------------------
    PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

    PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

    PowerArubaCL: Powershell Module to use Aruba Central

    PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

    ACEP / ACMX #107 / ACDX #1281
    ------------------------------

    Original Message


  • 3.  RE: TACACS to Active Directory Attributes

    Posted Jun 22, 2021 04:07 PM
    Many thanks for your reply, i did look into this but need to add the @domain to user logon, not remove it.

    Mick.


    Original Message