Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

ClearPass and Microsoft Azure Secure LDAP

  • 1.  ClearPass and Microsoft Azure Secure LDAP

    Posted May 05, 2020 05:20 AM

    Hi,

    I did a ClearPass integration with Intune. Mitchell's series helped me: https://www.youtube.com/watch?v=MlcrqTDDufU&list=PL3plItwCwe9ZoRYfq0hEunPugCudvap_2

    Devices get certificates and I was able to do computer authentication, but I have a problem configuring Azure AD as an authentication source for user authentication. Is there any step-by-step guide that could help me? It is not shown in Mitchell's series.

     



  • 2.  RE: ClearPass and Microsoft Azure Secure LDAP



  • 3.  RE: ClearPass and Microsoft Azure Secure LDAP

    Posted May 05, 2020 01:25 PM

    In the links that you added there is no Azure AD Domain Services configuration. I found my mistake here: https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps

    Now I face another problem.

    Even though I can check the BaseDN, I get an error when trying to authenticate a user. (Screenshots uploaded)



  • 4.  RE: ClearPass and Microsoft Azure Secure LDAP

    EMPLOYEE
    Posted May 06, 2020 05:00 AM

    Hi,

    Please go through the same link again.

    We do not support adding Azure as an LDAP authentication source in ClearPass.

    You have to use SAML or OAuth 2.0 against Azure Active Directory to authenticate users to push the TLS certificate (ClearPass Onboarding).

     

     



  • 5.  RE: ClearPass and Microsoft Azure Secure LDAP

    Posted May 06, 2020 05:18 AM


  • 6.  RE: ClearPass and Microsoft Azure Secure LDAP

    EMPLOYEE
    Posted May 06, 2020 05:47 AM

    Hi,

    My bad, I think we have an LDAP connectivity issue here.

     

    Could you please try changing the Connection Security to "none" or change the Host name to ldap://<Ip-Address> over Port number 389.

     



  • 7.  RE: ClearPass and Microsoft Azure Secure LDAP

    Posted May 06, 2020 10:37 AM

    Hi,

    The hostname cannot be an IP address (numbers).

    Changing Connection Security to "none" didn't work.



  • 8.  RE: ClearPass and Microsoft Azure Secure LDAP

    EMPLOYEE
    Posted May 06, 2020 11:06 AM

    Hi,

    I think some config is missing on the Azure side. Please recheck the config.

    Also, could you please collect packet captures during the authentication and also provide the Dashboard Details (Access Tracker logs)?

     



  • 9.  RE: ClearPass and Microsoft Azure Secure LDAP

    MVP EXPERT
    Posted May 07, 2020 01:59 PM

    AAD DS is not officially supported with CPPM. It is not the same thing as AAD. If your user accounts already exist in Azure AD, use modern authentication.