Wireless Water Cooler

Reply
Highlighted
New Contributor

802.1X Service Enforcement: Certificate Device Hostname

Hi Airheads,

 

As part of my 802.1X service for Windows PC's in Clearpass, I want to have an enforcement condition that allows me to look at the hostname in the device certificate and see if it's a valid hostname in AD. 

Is this possible?

Any help here would be appreciated.

Thanks in advance, 

az

 

Occasional Contributor II

Re: 802.1X Service Enforcement: Certificate Device Hostname

Hello, 

 

Yes for sure, if you're using computer certificate, the certificate should have the name of the computer. 

 

Put your active directory as a source of Authentication and then create a role mapping for your service which will query the Active Directory to check multiple thinks like : if the computer is trusted, if the computer is still active, etc. 

 

Please find an example in the screenshot. 

 

 

 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: