New Contributor

validate sponsor email against ldap

our guest port is setup to require a sponsor name and email but not require sponosor confirmation. i'd like to make the sponsor email query ldap to make sure the sponsor email is a valid email within our company and not Currently we're using isvalidemail validator with the array below just to confrim it's an email in our domain. Any suggestions?



array (
'allow' =>
array (
0 => '',
'deny' =>
array (

Guru Elite

Re: validate sponsor email against ldap

Do you have an LDAP server defined in ClearPass Guest?

| Tim Cappalli | Aruba Security | @timcappalli | |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
New Contributor

Re: validate sponsor email against ldap

i don't currently.

MVP Guru

Re: validate sponsor email against ldap

Like cappalli mentioned you need to define your LDAP server and enable LDAP lookup


2014-09-18 13_26_07-Available Plugins.png


2014-09-18 00_02_10-ClearPass Policy Manager - Aruba Networks.png

Thank you

Victor Fabian
Lead Mobility Architect @WEI
New Contributor

Re: validate sponsor email against ldap

I've set that up.


close but not exactly what i was trying to do. i can set a field as a sponsor lookup field now but i'm just wanting the user to manually type in an email address and the field to give a warning if it's not a valid email in ldap. but i don't want to give them a search box or a list of valid emails that can be chosen. maybe i just need help with creating the form now. 

MVP Expert

Re: validate sponsor email against ldap

Was their any resolution on this? I'm trying to do the same thing, but with sponsor's name instead of email.


Is there a way to query AD to see if that user exists, but I don't want them to see a suggested list of users. If that employee doesn't exist, they want to deny access or show error on registration page.

Michael Haring
If my answer is helpful, a Kudos is always appreciated!
New Contributor

Re: validate sponsor email against ldap

nope never did get it to work. just left it verifying proper and watching for strange emails.

Occasional Contributor II

Re: validate sponsor email against ldap



I have this same problem.


I need to use the sponsor_email field, and when the user introduces the complete email, check if the email is valid in a LDAP group filter.


can you help me?

Contributor II

Re: validate sponsor email against ldap

We have several items defined under ADMIN -> OPERATOR LOGINS -> SERVERS that are tied into our "Sponsor's Name" field on our guest self reg portal.


We have a custom LDAP filter defined under user search with the following --



    # Match users in any of these groups
    # Match users by any of these criteria

This allows users to punch in a few letters of a name and get a list of possible matching sponsors. We have a pretty large group of sponsors, and a lot of our guests are on mobile devices, so we felt that the convenience of only have to punch in 3 letters to get your sponsor outweighed the initial influx of "spam" emails that we received from random users off the street.



You could add (mail=*@SEARCH@*) to make emails a searchable item. You could remove the * * from each statement to make the exact search input the only thing that returns a result. I think. :)

Search Airheads
Showing results for 
Search instead for 
Did you mean: