Dell Powerconnect W-ClearPass Hardware Appliances User Manual page 137
W-clearpass policy manager 6.0 user guide
Hide thumbs
Also See for Powerconnect W-ClearPass Hardware Appliances:
- Deployment manual (320 pages) ,
- Quick start manual (28 pages) ,
- Hardware installation manual (13 pages)
Table of Contents
Advertisement
Parameter
Description
The following tables describes the steps used in creating a filter.
Table 64:
Filter Creation Steps
Step
Description
Step 1
The goal of filter creation is to help Policy Manager understand how to find a user or device connecting
to the network in LDAP or Active Directory. From the Filter tab, click on a node that you want to extract
Select
user or device information from. For example, browse to the Users container in Active Directory and
filter
select the node for a user (Alice, for example). On the right hand side, you see attributes associated
node
with that user.
Step 2
Click on attributes that will help Policy Manager to uniquely identify the user or device. For example, in
Active Directory, an attribute called sAMAccountName stores the user ID. The attributes that you select
Select
are automatically populated in the filter table displayed below the browser section (along with their
attribute
values). In this example, if you select sAMAccountName, the row in the filter table will show this
attribute with a value of alice (assuming you picked Alice's record as a sample user node).
Step 3
After Step 3, you have values for a specific record (Alice's record, in this case). Change the value to a
dynamic session attribute that will help Policy Manager to associate a session with a specific record in
Enter
LDAP/AD. For example, if you selected the sAMAccountName attribute in AD, click on the value field
value
and select %{Authentication:Username}. When Policy Manager processes an authentication request %
(optional)
{Authentication:Username} is populated with the user ID of the user connecting to the network.
Step 4
Add more attributes from the node of interest and continue with Step 2.
AD/LDAP Configure Filter Attributes Tab
The Attributes tab defines the attributes to be fetched from Active Directory or LDAP directory. Each attribute
can also be "Enabled as Role," which means the value fetched for this attribute can be used directly in Enforcement
Policies (See
"Configuring Enforcement Policies " on page
Dell Networking W-ClearPass Policy Manager 6.0 | User Guide
229.)
137
Advertisement
Table of Contents
