Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances

101

102

103

104

105

106

107

108

109

110

For both Authentication Methods and Authentication Sources, you can select one item in the list and use the buttons

on the right to:

l Move it up or down

The order of authentication matters. When a client tries to do 802.1X authentication, Policy Manager proposes the

first authentication method configured. The client can accept the authentication method proposed by Policy

Manager and continue authentication or send a NAK and propose a different authentication method. If this

authentication method is also configured, then authentication will proceed. Otherwise authentication will fail.

If most of the clients in the network use a particular authentication method, that authentication method should be

configured first in the list. This would reduce the number of RADIUS packets exchanged.

l Remove it

l View its details

l Modify it. See "Adding and Modifying Authentication Methods" on page 133 and "Adding and Modifying

Authentication Sources" on page 151.

You can also use the links on the right to add a new authentication method or source.

Select the Strip Username Rules checkbox to pre-process the user name (to remove prefixes and suffixes) before

authenticating and authorizing against the authentication source.

Authorization Tab

The Authorization tab is not visible by default. To access it, select the Authorization check box on the Services tab.

The Authorization tab is where you select authorization sources for this service. Policy Manager fetches role mapping

attributes from the authorization sources associated with the service, regardless of which authentication source was

used to authenticate the user. For a given service, role mapping attributes are fetched from the following authorization

sources:

l The authorization sources associated with the authentication source.

l The authorization sources associated with the service. For more information on configuring authorization sources,

refer to "Adding and Modifying Authentication Methods" on page 133.

To add an authorization source, select it from the drop-down list.

For authorization sources in the list, you can select one and use the buttons on the right to:

l Remove it.

l View its details.

l Modify it.

For more information on configuring authorization sources, see "Adding and Modifying Authentication Methods" on

page 133.

Roles Tab

To associate a role mapping policy with this service click on the Roles tab. For information on configuring role

mapping policies, see "Configuring a Role Mapping Policy" on page 191.

Posture Tab

This type of service does not have Posture checking enabled by default. To enable posture checking for this service,

select the Posture Compliance check box on the Service tab.

You can enable posture checking for this kind of service if you are deploying Policy Manager in a Microsoft NAP or

Cisco NAC framework environment, or if you are deploying a Dell hosted captive portal that does posture checks

Dell Networking W-ClearPass Policy Manager 6.3 | User Guide Services | 103