You are here: What's New in This Release > New Features and Enhancements in the 6.6.10 Release > Policy Manager

Policy Manager

The following new features are introduced in Policy Manager in the 6.6.10 release:

* A new service parameter, Disable CPPM Machine account password expiry in AD, was added to the list of RADIUS server parameters available on the Administration > Server Manager > Server Configuration > Service Parameters tab. When the value for this parameter is set to TRUE, it disables the Samba machine password timeout setting so that a machine password change will not be forced. If this parameter is left at the default setting of FALSE, the Samba machine password timeout setting will remain in effect. This parameter corrects an issue where MSCHAPv2 authentications against Active Directory sometimes failed with an “AD status: Access denied” error. (#43377)
* ClearPass now supports the following secured cipher suites using Active Directory as an authentication source: (#44056)
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_256_CBC_SHA256
- TLS_RSA_WITH_AES_256_CBC_SHA