Security

Reply
FXE
Occasional Contributor II

Authentication via Secure Channel

Hi Guys,
Have some question. My AD is using data signing feature to have secure communication to the domain endpoints.

Now, I will put in between the AD and the domain endpoints the ClearPass. Does ClearPass can still authenticate the domain endpoints even if the data signing feature of AD is turned-on?

Thanks
Guru Elite

Re: Authentication via Secure Channel

LDAPS is between ClearPass and your Active Directory environment. Your EAP method choice will determine credential security between the client device and ClearPass.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
FXE
Occasional Contributor II

Re: Authentication via Secure Channel

Hi cappalli,

thanks for the feedback.

so meaning, clearpass can still authenticate even if AD has Data Signing enabled?

thanks

Guru Elite

Re: Authentication via Secure Channel

If it's just LDAPS, yes. Never heard of it referred to as that before.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
FXE
Occasional Contributor II

Re: Authentication via Secure Channel

hi cappalli,

yes we are using AD over SSL (port 636) between CPPM and AD however, in the AD itself the data signing feature is turned-on.

Guru Elite

Re: Authentication via Secure Channel

I'm not familiar with that feature. Link?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
FXE
Occasional Contributor II

Re: Authentication via Secure Channel

hi cappalli,

actually i am not familiar also since i am not an AD guy.

maybe you can look ino this link.

https://technet.microsoft.com/en-us/library/jj852234(v=ws.11).aspx

thanks

FXE
Occasional Contributor II

Re: Authentication via Secure Channel

hi cappalli,

actually i am not familiar also since i am not an AD guy.

maybe you can look ino this link.

 

https://technet.microsoft.com/en-us/library/jj852234(v=ws.11).aspx

 

thanks

Guru Elite

Re: Authentication via Secure Channel

This is not something we've tested. Your mileage may vary.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: