Lab 2.6 - Creating an APM Policy - CAC Authentication

In this section, you will build a macro to request the user certificate.

Task - Build CAC AUTH Macro

  1. Click the Add New Macro button

  2. Name the macro CAC Auth and click Save

  3. Open the newly created macro by clicking the plus sign next to its name, CAC Auth

  4. Click the Authentication tab across the top, select On-Demand Cert Auth, and click Add Item

  5. Leave the Auth Mode set to the default, Request, and click Save

  6. Click the plus sign on the Successful branch

  7. Click the Macros tab across the top, select the GET UPN from CAC button in the main page, and click Add Item

  8. Click the plus sign on the Found branch

  9. Select Macros across the top, select the LDAP_Query button in the main page, and click Add Item

  10. Click the plus sign on the Fallback branch after the On-Demand Cert Auth

  11. Select General Purpose across the top, select Message Box in the main page, and click Add Item

  12. Name the message box CAC Failure, enter CAC Failure in the Message box, and click Save

  13. Click Edit Terminals

  14. Change the default name from Out to Success, and click Add Terminal

  15. Change the default name to Failure

  16. Click the down arrow beside the Failure box to change the order. The Success terminal should be on top. Click Save

  17. Click the terminals on the Not Found, Failure, and Fallback branches and change them from Success to Failure. Click Save

Note

The completed CAC Auth Macro

image146