Help page says ... is there any more info as to what this actually means?
A
Authorization Required
This parameter is enabled by default. Specify whether to perform an authorization check.
If enabled, the user must exist in the identity store (authentication source) before continuing on to regular authorization.
o.k. so just to check
if I have a cert with a cn of the form <userid>-1234@york,ac.uk and I can strip off everything including and after the "-" I end up with the userid. The ocsp method is bundled with peap and ttls in a service so the auth source is AD
So if I check the box will that mean that if <userid> isn;t in AD I'll get an access reject ?
Username is the EAP Identity, not necessarily the cert CN.
OCSP is not used with TTLS or PEAP.
If the username does not exist in AD, it will be rejected, assuming authorization is enabled.
>Username is the EAP Identity, not necessarily the cert CN.
o.k.
>OCSP is not used with TTLS or PEAP.
Yup I know
>If the username does not exist in AD, it will be rejected, assuming >authorization is enabled.
o.k thanks
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.