Security

Hi

I have this conditions in our clearpass and I'm trying to understand what it does.. (both conditions basically contain the same rules editor.. (ro vs rw is the diff)

This would return the CISCO-SW-RW_EPRO enforcement profile if the AD_CISCO-RW_ROLE is present in the authentication.

If that is not the case, it would return the CISCO-SW-RO_EPRO enforcement profile if the AD_CISCO-RO_ROLE is present in the authentication.

If that's also not the case, the default enforcement will be returned (which is not displayed in your screenshot).

This is basic ClearPass knowledge, which is part of any ClearPass training.

Hi

I have this conditions in our clearpass and I'm trying to understand what it does.. (both conditions basically contain the same rules editor.. (ro vs rw is the diff)

Thank you. I never had any training so apologies. Anyway, how do I add command authorization to this? (i.e. if it returns AD_Cisco-RW_Role , check which ad group they are in?  assign priv 15 for  network engineers or assign priv 7 if network analysts.. thanks

This would return the CISCO-SW-RW_EPRO enforcement profile if the AD_CISCO-RW_ROLE is present in the authentication.

If that is not the case, it would return the CISCO-SW-RO_EPRO enforcement profile if the AD_CISCO-RO_ROLE is present in the authentication.

If that's also not the case, the default enforcement will be returned (which is not displayed in your screenshot).

This is basic ClearPass knowledge, which is part of any ClearPass training.

Hi

I have this conditions in our clearpass and I'm trying to understand what it does.. (both conditions basically contain the same rules editor.. (ro vs rw is the diff)