Security

Reply
Highlighted
All-Decade MVP 2020

Escape Characters in Belongs_to or Match_any

Hi Everyone,

 

I would like to match mutliple values to an attribute. However the field contains comma in the strings, the value is a DN. 

 

In the document i see: "For string data type, true if the run-time value of the attribute matches a set of configured string values.

Example: RADIUS:IETF:Service-Type BELONGS_TO Login-User,Framed-User,Authenticate-Only" it shows to use comma between matching values. 

 

How can i match mutliple values which are:

 

OU=My Name,O=My O,C=CA

- OU=My Name2,O=My O,C=CA

- OU=My Name3,O=My O,C=CA

 

Right now i have seperate lines for each OU and use a equals, but this is making my role mapping policy messy. What is the escape character in ClearPass policy?

 

Thanks,


_ELiasz

-------------------
ACDX, ACCP, CISSP, CWNA

Accepted Solutions
Highlighted
Moderator

Re: Escape Characters in Belongs_to or Match_any

Use a regex operator.


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post


All Replies
Highlighted
Moderator

Re: Escape Characters in Belongs_to or Match_any

Use a regex operator.


If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

View solution in original post

Highlighted
All-Decade MVP 2020

Re: Escape Characters in Belongs_to or Match_any

Thanks Cappalli. In my example, lets use 2 DN we are looking to match:

 

OU=My Name,O=My O,C=CA

- OU=My Name2,O=My O,C=CA

 

For anyone else trying this in the future: 

 

Here is what worked :

Certificate:Issuer-DN  BELONGS_TO OU=My Name","O=My O","C=CA,OU=My Name2","O=My O","C=CA

 

These did not work:

 

Certificate:Issuer-DN  BELONGS_TO OU=My Name\,O=My O\,C=CA,OU=My Name2\,O=My O\,C=CA

 

Certificate:Issuer-DN  BELONGS_TO OU=My Name\Q,\EO=My O\Q,\EC=CA,OU=My Name2\Q,\E,O=My O\Q,\EC=CA

 

 

Thanks for pointing me in the right direction. 

-------------------
ACDX, ACCP, CISSP, CWNA
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: