Security

Upcoming community maintenance Oct. 27th through Oct. 29th
For more info click here
Reply
Highlighted
All-Decade MVP 2020

Clearpass Services for Multiple Domains

We have two domains that are very similar. 

 

We have students and Staff that connect and are members of seperate domains. 

 

We found out today that there was a duplicate username out there on the two different domains. So when a student tries to connect to wireless, they end up in the staff VLAN. 

 

Currently we have 1 service that returns the role for student or staff. My thought was that we put a seperate service for staff and students so they would only authenticate against the AD sources within the service. 

 

I might be over complicating things. 

 

What would you suggest is the best way to handle multiple domains with the possibility of duplicate user names? 

 

Apparently they used to just be able to type DOMAIN/Username and that was enough to fix the issue, but now that doesn't appear to work. 


Accepted Solutions
Highlighted
Moderator

Re: Clearpass Services for Multiple Domains

Your service could have a rule that says Full-Username BEGINS_WITH "DOMAIN\"


Thanks,
Tim


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post


All Replies
Highlighted
Moderator

Re: Clearpass Services for Multiple Domains

Your service could have a rule that says Full-Username BEGINS_WITH "DOMAIN\"


Thanks,
Tim


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post

Highlighted
All-Decade MVP 2020

Re: Clearpass Services for Multiple Domains

Brilliant and simple solution. 

 

I like your style. Thanks for the help!

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: