Message Image

Log in to ask questions, share your expertise, or stay connected to content. Don’t have a login? Join now.

Skip to main content (Press Enter).

Skip auxiliary navigation (Press Enter).

Skip main navigation (Press Enter).

Wireless Water Cooler

View Only

last person joined: one month ago

Hang out and socialize with other community members in this off topic forum. Everything from industry trends to hobbies and interests are welcomed!

Back to discussions

Expand all | Collapse all

802.1X Service Enforcement: Certificate Device Hostname

This thread has been viewed 2 times

1. 802.1X Service Enforcement: Certificate Device Hostname

0 Kudos
arthurmzee
Posted Oct 31, 2019 01:30 PM

Reply Reply Privately
Hi Airheads,

As part of my 802.1X service for Windows PC's in Clearpass, I want to have an enforcement condition that allows me to look at the hostname in the device certificate and see if it's a valid hostname in AD.
Is this possible?
Any help here would be appreciated.
Thanks in advance,
az
2. RE: 802.1X Service Enforcement: Certificate Device Hostname

0 Kudos
jcravobnc
Posted Nov 11, 2019 04:00 AM
| view attached

Reply Reply Privately
Hello,

Yes for sure, if you're using computer certificate, the certificate should have the name of the computer.

Put your active directory as a source of Authentication and then create a role mapping for your service which will query the Active Directory to check multiple thinks like : if the computer is trusted, if the computer is still active, etc.

Please find an example in the screenshot.

Powered by Higher Logic