Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass Username suffix

This thread has been viewed 2 times

  • 1.  Clearpass Username suffix

    Posted Oct 02, 2018 08:59 AM

    Hi all,

     

    We are trying to add a suffix in the username, to match the UID of a machine in a LDAP.

    The windows machine is showing a full-username "host/hostname", so with stripping we removed the "host/", but now we need to ass a special character as a suffix , to search for "hostname$" in LDAP. Is it possible to realize this ?

     

    Thanks, 



  • 2.  RE: Clearpass Username suffix

    MVP
    Posted Oct 04, 2018 04:26 PM

    I do not believe ClearPass can natively add anything to an authentication before querying LDAP. You can add a suffix or prefix to a device afterward, which will show up in Access Tracker, but not as a part of the actual authentication. 

     

    You may be able to do that in the actual LDAP Authentication Source by customizing the query, but I would work with TAC to go through it.

     

    I'm a little confused though, what's the need to add the special character? We're integrated with AD and do the same stripping and do not need to add anything special for it to work.