Security

Hi Everyone,

I would like to match mutliple values to an attribute. However the field contains comma in the strings, the value is a DN. 

In the document i see: "For string data type, true if the run-time value of the attribute matches a set of configured string values.

Example: RADIUS:IETF:Service-Type BELONGS_TO Login-User,Framed-User,Authenticate-Only" it shows to use comma between matching values. 

How can i match mutliple values which are:

- OU=My Name,O=My O,C=CA

- OU=My Name2,O=My O,C=CA

- OU=My Name3,O=My O,C=CA

Right now i have seperate lines for each OU and use a equals, but this is making my role mapping policy messy. What is the escape character in ClearPass policy?

Thanks,

_ELiasz

Thanks Cappalli. In my example, lets use 2 DN we are looking to match:

- OU=My Name,O=My O,C=CA

- OU=My Name2,O=My O,C=CA

For anyone else trying this in the future: 

Here is what worked :

Certificate:Issuer-DN  BELONGS_TO OU=My Name","O=My O","C=CA,OU=My Name2","O=My O","C=CA

These did not work:

Certificate:Issuer-DN  BELONGS_TO OU=My Name\,O=My O\,C=CA,OU=My Name2\,O=My O\,C=CA

Certificate:Issuer-DN  BELONGS_TO OU=My Name\Q,\EO=My O\Q,\EC=CA,OU=My Name2\Q,\E,O=My O\Q,\EC=CA

Thanks for pointing me in the right direction.