Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances

441

442

443

444

445

446

447

448

449

450

Attribute

Name

Values

MacAuth l NotApplicable - Not a MAC Auth request

l Known Client - Client MAC address was found in an authentication source

l Unknown Client - Client MAC address was not found in an authentication source

Username The username as received from the client (after the strip user name rules are applied).

Full-

Username

The username as received from the client (before the strip user name rules are applied).

Source The name of the authentication source used to authenticate the user.

Table 310:

Authentication Namespace Attributes (Continued)

Authorization Namespaces

Policy Manager supports multiple types of authorization sources. Authorization sources from which values of attributes

can be retrieved to create role mapping rules have their own separate namespaces (prefixed with Authorization:).

Authorization editing context

Role mapping policies

AD Instance Namespace

For each instance of an Active Directory authentication source, there is an AD instance namespace that appears in the

rules editing interface. The AD instance namespace consists of all the attributes that were defined when the

authentication source was created. These attribute names are pre-populated. For Policy Manager to fetch the values of

attributes from Active Directory, you need to define filters for that authentication source (see "Adding and Modifying

Authentication Sources" on page 149 for more information).

Authorization

The authorization namespace has one attribute: sources. The values are pre-populated with the authorization sources

defined in Policy Manager. Use this to check for the authorization source(s) from which attributes were extracted for

the authenticating entity.

LDAP Instance Namespace

For each instance of an LDAP authentication source, there is an LDAP instance namespace that appears in the rules

editing interface. The LDAP instance namespace consists of all the attributes that were defined when the

authentication source was created. These attribute names are pre-populated. For Policy Manager to fetch the values of

attributes from an LDAP-compliant directory, you need to define filters for that authentication source (see "Adding and

Modifying Authentication Sources" on page 149).

RSAToken Instance Namespace

For each instance of an RSA Token Server authentication source, there is an RSA Token Server instance namespace

that appears in the rules editing interface. The RSA Token Server instance namespace consists of attributes names

defined when you created an instance of this authentication source. The attribute names are pre-populated for

administrative convenience.

Dell Networking W-ClearPass Policy Manager 6.3 | User Guide Rules Editing and Namespaces | 449