Security

 View Only

  • 1.  ClearPass integration with EntraID

    Posted 13 days ago

    Dear Team,

    One of our customers is migrating their AD to Entra-ID. Once the migration is complete, they will shut down their on-premise AD permanently.

    Now the point is that..ClearPass is now integrated with AD and working properly (for Wired and Wireless authentication). 

    Once on-premise AD moved to Entra-ID, ClearPass must be integrated with Entra-ID. Here's the confusion..

    • How do I integrate with ClearPass Entra-ID?

    • Will secure LDAP integration work?

    • Is Intune mandatory to integrate ClearPass with Entra-ID?

    Reg,

    Shamz



  • 2.  RE: ClearPass integration with EntraID

    Posted 13 days ago

    Hi

    Entra ID is added as an authentication source and the connection is based on API.

    LDAP is not supported as far as I know by Entra ID. It's not mandatory to do Intune integration.

    Remember that the functions for Entra ID is enhanced in ClearPass 6.12. Do not us 6.11 for this setup, even if 6.11 has some basic functions. In 6.12 there are several enhancements in both features and stability for the Entra ID integration.



    ------------------------------
    Best Regards
    Jonas Hammarbäck
    MVP Guru, ACEX, ACDX #1600, ACCX #1335, ACX-Network Security
    Aranya AB
    If you find my answer useful, consider giving kudos and/or mark as solution
    ------------------------------

    Original Message


  • 3.  RE: ClearPass integration with EntraID

    Posted 13 days ago

    Hi,

    Hermann has created documents on it and it is not that difficult. You have to know that you cannot use username/password authentication, you have to use EAP-TLS which means client certificates. Intune is not mandatory, ClearPass can extract the username from the certificate, query EntraID for user account existence and query user group membership.

    There are some discussions on it, mainly what you need is a new Authentication method and Source using EntraID. On this forum you can find some discussions on it.

    I use 6.11 and there is no issue or bug with it so far.

    Best Regards

    Istvan


    Original Message


  • 4.  RE: ClearPass integration with EntraID

    Posted 12 days ago

    Hi there,

    do you have the link for the documents which Hermann has created

    TIA

    David


    Original Message


  • 5.  RE: ClearPass integration with EntraID

    Posted 12 days ago

    These should point you in the right direction: https://community.arubanetworks.com/discussion/clearpass-611-entra-id#bm6d462785-445c-4f11-b68f-0196856ce10e



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your HPE Aruba Networking partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact HPE Aruba Networking TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or HPE Aruba Networking.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------

    Original Message


  • 6.  RE: ClearPass integration with EntraID

    Posted 3 days ago

    Dear Herman and Jonas,

    So, I hope that Intune integration is not required for AD group based role enforcement to happen in ClearPass, just Entra ID integration is enough. Can we use EAP-TEAP (both options are TLS) for the end user dot1X authentication? Or is there any challenge?

    Please clear me.

    Reg.

    Shamz


    Original Message


  • 7.  RE: ClearPass integration with EntraID

    Posted 2 days ago

    Any update please


    Original Message


Related Content