I'm not sure if that will work, unless AD allows LDAP login with the tacacsID as username, or you have the password available in an attribute that you can query (which is not the case with AD as far as I know).
Below is an example to use the e-mail address as username (through query filter #1 which is named Authenticaiton) and telephoneNumber as password (see pasword attribute):
But that seems different from your use-case, different username but the AD password associated to an account. So not sure if that is possible.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Oct 26, 2024 08:23 AM
From: Subhojit
Subject: ClearPass custom attribute authentication
Hi,
I have using ClearPass as production TACACS server. I want to use a custom attribute (TACACS ID) which I have set in my AD, this will be used by user as login id of the switch. Please help me to modify the rule for this to happen.
I have made this attached filter. However, this is not working.
Thanks in advance.