HPE Community
Other HPE Product Questions
1833299 Members
2978 Online
110051 Solutions
New Discussion

Clearpass service Matching with AD group

 
ZC84
Occasional Visitor

‎07-03-2025 01:11 AM

‎07-03-2025 01:11 AM

Clearpass service Matching with AD group

Hello everyone,

I have two ClearPass services that are very similar in their matching conditions. The difference is that the service I’m currently working on uses FortiAuthenticator for authentication instead of Active Directory (AD). The problem is that the first service in the list is matching all requests because the conditions are almost identical, so it “captures” all authentications.

I want to make sure that the service using FortiAuthenticator only matches if the user belongs to a specific AD group—this way, only users who require 2FA are matched by this service. If the user is not in that group, the request should fall through to the other service which authenticates via AD without 2FA.

How can I add a condition to the ClearPass service to check the user’s AD group membership during authentication so the correct service matches based on whether the user should have 2FA or not?

Thanks in advance.

 




0 Kudos
Reply
1 REPLY 1
support_s
System Recommended

‎07-03-2025 01:15 AM

‎07-03-2025 01:15 AM

Query: Clearpass service Matching with AD group

Hello,

 

Thank you for posting! HPE Networking forum has moved to Airheads Community. For HPE Aruba Networking product queries, request you to visit and post your query here.

 

You can refer to this link for more details.

Please click on "Thumbs Up/Kudo" icon to give a "Kudo".

 

Thank you for being a HPE valuable community member.


Accept or Kudo

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.