support RSA or AD Auth in CMA with Legacy Client a...

Mastering Compliance
Unveiling the power of Compliance Blade

WATCH NOW

SASE Masters:
Deploying Harmony SASE for a 6,000-Strong Workforce
in a Single Weekend

May the 4th (+4)
Navigating Paradigm Shifts in Cyber

CPX 2024 Content
is Here!

Get What You Need

Harmony SaaS
The most advanced prevention
for SaaS-based threats

LEARN MORE

CheckMates Go:
CPX 2024 Recap

LISTEN NOW

Create a Post

Hi, does anyone know if its possible to support RSA and AD Auth in a CMA? We did some testing in R77.30 and legacy auth a while back and almost go it to work. We made the default to look up password in AD. If we used a realm (or whatever checkpoint called that) where for example the username was "bob@rsa" then we could route the auth request to RSA, but the problem was the group membership lookup in AD wouldn't strip the "@rsa" so the user's group membership would be looked up as bob@rsa" vs just "bob".

Anyone tried this with a recent version? We have a lot of legacy client auth but we're actively looking at captive portal as well. I guess it would be the same if we were using AD auth + Radius auth so if anyone has done that as well let me know.

Thanks!