Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances

111

112

113

114

115

116

117

118

119

120

114 | Services Dell Networking W-ClearPass Policy Manager 6.3 |User Guide

Select Strip Username Rules to pre-process the user name (to remove prefixes and suffixes) before authenticating and

authorizing against the authentication source.

Authorization Tab

The Authorization tab is not visible by default. To access it, select the Authorization check box on the Services tab.

The Authorization tab is where you select authorization sources for this service. Policy Manager fetches role mapping

attributes from the authorization sources associated with the service, regardless of which authentication source was

used to authenticate the user. For a given service, role mapping attributes are fetched from the following authorization

sources:

l The authorization sources associated with the authentication source.

l The authorization sources associated with the service. For more information on configuring authorization sources,

refer to "Adding and Modifying Authentication Methods" on page 131.

To add an authorization source, select it from the drop-down list.

For authorization sources in the list, you can select one and use the buttons on the right to:

l Remove it.

l View its details.

l Modify it.

For more information on configuring authorization sources, see "Adding and Modifying Authentication Methods" on

page 131.

Roles Tab

To associate a role mapping policy with this service click on the Roles tab. For information on configuring role

mapping policies, see "Configuring a Role Mapping Policy" on page 189.

Posture Tab

This type of service does not have Posture checking enabled by default. To enable posture checking for this service,

select the Posture Compliance check box on the Service tab.

You can enable posture checking for this kind of service if you are deploying Policy Manager in a Microsoft NAP or

Cisco NAC framework environment, or if you are deploying a Dell hosted captive portal that does posture checks

through a dissolvable agent. You can also choose to Enable auto-remediation of non-compliant end-hosts and enter

the Remediation URL of a server resource that can perform remediation action (when a client is quarantined).

When you configure posture policies, only those that are configured for the OnGuard Agent are shown in a list of posture

policies.

For more information on configuring Posture Polices and Posture Servers, see "Adding a Posture Policy" on page 198

and "Adding and Modifying Posture Servers" on page 230.

Enforcement Tab

The Enforcement tab is where you select an enforcement policy for a service. You must select one.

See "Configuring Enforcement Policies" on page 277 for more information.

Audit Tab

By default, this type of service does not have Audit checking enabled and the Audit tab is not visible. To access it and

enable posture checking for this service select the Audit End-hosts check box on the Service tab.