04-08-2019 07:15 AM
Hi
I have a BYOD service that uses Active Directory (AD) to autenticate users to allow them to on-board and obtain a user EAP cert, the common name on the issued cert being the username. Once on-boarded the EAPTLS connection to the network is transparent to the user and requires no further input.
As part of the authorization I also want to check that the cert common name (the users name) is also a current/valid username on the AD.
Is it possible to create an authorization policy that includes passively checking the validity of the username on the AD?
i.e. if (Wireless_802.1X AND EAP-TLS certificate:common name Equals valid AD:username)
Is this possible?
Solved! Go to Solution.
04-08-2019 07:50 AM
04-08-2019 07:50 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide