Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances

921

922

923

924

925

926

927

928

929

930

924 | Rules Editing and Namespaces Dell Networking W-ClearPass Policy Manager 6.6 | User Guide

RSAToken Instance Namespace

For each instance of an RSA Token Server authentication source, there is an RSA Token Server instance

namespace that appears in the rules editing interface. The RSA Token Server instance namespace consists of

attributes names defined when you created an instance of this authentication source. The attribute names are

pre-populated for administrative convenience.

Sources

This is the list of the authorization sources from which attributes were fetched for role mapping. Authorization

namespaces appear in Role mapping policies.

SQL Instance Namespace

For each instance of an SQL authentication source, there is an SQL instance namespace that appears in the

rules editing interface. The SQL instance namespace consists of attributes names defined when you created an

instance of this authentication source. The attribute names are pre-populated for administrative convenience.

For Policy Manager to fetch the values of attributes from a SQL-compliant database, you need to define filters

for that authentication source.

Certificate Namespaces

The certificate namespace can be used in role mapping policies to define roles based on attributes in the client

certificate presented by the end host. Client certificates are presented in mutually authenticated 802.1X EAP

methods (EAP-TLS, PEAP/TLS, EAP-FAST/TLS).

Certificate Namespace Editing Context

Role mapping policies

Attribute Name Values

Version Certificate version

Serial-Number Certificate serial number

l Subject-C

l Subject-CN

l Subject-DC

l Subject-DN

l Subject-emailAddress

l Subject-GN

l Subject-L

l Subject-O

l Subject-OU

l Subject-SN

l Subject-ST

l Subject-UID

Attributes associated with the subject (user or machine, in this case). Not all of

these fields are populated in a certificate.

l Issuer-C

l Issuer-CN

Attributes associated with the issuer (Certificate Authorities or the enterprise CA).

Not all of these fields are populated in a certificate.

Table 469: Certificate Namespace Attributes