Security

Hello Community...

I have configured TACAS+ for our cisco switches and is working well.  we use our AD accounts for authentication.
some of our devices will not permit spaces in usernames so we tend to use the attribute "userPrincipalName" so the user will be frd.smith@domain.

on our palo alto firewalls we can add a domain modifier to the auth so when a user los in as fred.smith the firewall adds the "@domain" and forwards this to AD.

is there anyway this can be done on clearpass.  i have tried to add the domain to the filter query but it just ignores it.
Many thanks in advance..

Mick​

------------------------------
Michael Ball
------------------------------

Hi Michael,

On the Authentification Tab, do you have look to use Strip name ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCL: Powershell Module to use Aruba Central

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281
------------------------------

Original Message:
Sent: Jun 18, 2021 11:10 AM
From: Michael Ball
Subject: TACACS to Active Directory Attributes

Hello Community...

I have configured TACAS+ for our cisco switches and is working well.  we use our AD accounts for authentication.
some of our devices will not permit spaces in usernames so we tend to use the attribute "userPrincipalName" so the user will be frd.smith@domain.

on our palo alto firewalls we can add a domain modifier to the auth so when a user los in as fred.smith the firewall adds the "@domain" and forwards this to AD.

is there anyway this can be done on clearpass.  i have tried to add the domain to the filter query but it just ignores it.
Many thanks in advance..

Mick​

------------------------------
Michael Ball
------------------------------

Many thanks for your reply, i did look into this but need to add the @domain to user logon, not remove it.

Mick.


Original Message:
Sent: 6/22/2021 3:29:00 PM
From: alagoutte
Subject: RE: TACACS to Active Directory Attributes

Hi Michael,

On the Authentification Tab, do you have look to use Strip name ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCL: Powershell Module to use Aruba Central

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281
------------------------------

Original Message:
Sent: Jun 18, 2021 11:10 AM
From: Michael Ball
Subject: TACACS to Active Directory Attributes

Hello Community...

I have configured TACAS+ for our cisco switches and is working well.  we use our AD accounts for authentication.
some of our devices will not permit spaces in usernames so we tend to use the attribute "userPrincipalName" so the user will be frd.smith@domain.

on our palo alto firewalls we can add a domain modifier to the auth so when a user los in as fred.smith the firewall adds the "@domain" and forwards this to AD.

is there anyway this can be done on clearpass.  i have tried to add the domain to the filter query but it just ignores it.
Many thanks in advance..

Mick​

------------------------------
Michael Ball
------------------------------