By default CPPM will not post all the attributes fetched from Active Directory to Guest module when operator login using AD credentials.
We can configure the enforcement profile to pass on the required attribute values (like email) to Guest module on successful operator login along with the admin privilege.
Clearpass Guest Operator login authentication configured against active directory.
Configuration Steps :
We can configure the enforcement profile to fetch email attribute from AD and pass it on to Guest, which can be used to auto populate sponsor_email field when creating new guest accounts.
-Update the Enforcement profile with below attribute to post email address along with admin privilege to Guest module on operator login.
-Edit the create_user form sponsor_email filed and add the below expression as initial value.
array ( 'generator' => 'GeneratorFromSession', 'generator_args' => array ( 0 => 'userauth_user', 1 => 'User-Email-Address', ),)
From Access tracker ->request output, we can confirm the application response sent to Guest module.
When Guest operator login to Guest using AD credentials and try creating guest accounts, CPPM should be able to auto populate sponsor email.