Community Home > Discuss > Technology > Controllerless Networks > Disable edit and delete button @Guest Provisioning...

Controllerless Networks

Reply
Gabriel_M
Occasional Contributor I
Gabriel_M

Disable edit and delete button @Guest Provisioning Interface

‎11-27-2017 10:54 AM

Hello, I'm traying to give access for provisioning guests to everyone on the company (to provide a guest user for their guests). but i need to disable the edit and delete button in order to deny for the "provisioning user" account at the controller to modify or delete the guest users created by others employees that used already the account. Is it possible?

 

Thank you

 

Gabriel

Alert a Moderator
Message 1 of 6
363 Views
Reply
0 Kudos
Guru Elite Guru Elite
Guru Elite
cjoseph

Re: Disable edit and delete button @Guest Provisioning Interface

‎11-27-2017 11:01 AM

http://www.arubanetworks.com/techdocs/ArubaOS_65x_WebHelp/Web_Help_Index.htm#ArubaFrameStyles/Management_Utilities/Guest_Provisioning.htm

"Starting with ArubaOS 3.4 release, a guest user account that is created by a guest provisioning user can only be viewed, modified or deleted by the guest provisioning user who created the account or the network administrator. A guest user account that is created by the network administrator can only be viewed, modified or deleted by the network administrator."

 

You cannot disable buttons.  It seems you would only be able to accomplish that if guest provisioners were using unique usernames to log into the controller...



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Alert a Moderator
Message 2 of 6
360 Views
Reply
0 Kudos
Gabriel_M
Occasional Contributor I
Gabriel_M

Re: Disable edit and delete button @Guest Provisioning Interface

‎11-27-2017 11:43 AM

And you know if there is a possibility to enable access to the controller as guest-provisioning account to an Active Directory group?

Alert a Moderator
Message 3 of 6
345 Views
Reply
0 Kudos
Guru Elite Guru Elite
Guru Elite
cjoseph

Re: Disable edit and delete button @Guest Provisioning Interface

‎11-27-2017 11:55 AM

You can do this via management authentication.  If you have a radius server that can authenticate users via AD group, you can return the Aruba-admin-role attribute of "guest-provisioning" to have those users authenticate and see the guest page.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Alert a Moderator
Message 4 of 6
336 Views
Reply
0 Kudos
Gabriel_M
Occasional Contributor I
Gabriel_M

Re: Disable edit and delete button @Guest Provisioning Interface

‎11-30-2017 04:41 AM

Could you explain me how to do this? I can't find where i have to set the things that you said.

Alert a Moderator
Message 5 of 6
258 Views
Reply
0 Kudos
Guru Elite Guru Elite
Guru Elite
cjoseph

Re: Disable edit and delete button @Guest Provisioning Interface

‎11-30-2017 05:15 AM

You would need:

 

- An external radius server to authenticate management users, sending back the "guest-provisioning" value for the "Aruba-Admin-Role".

- To configure the Aruba Controller to accept management authentication from a radius server

 

How to configure your radius server varies, depending on the radius server.  If you have IAS, vanilla instructions are here:  http://www.arubanetworks.com/techdocs/ArubaOS_63_Web_Help/Content/ArubaFrameStyles/802.1x_XPClient_IAS_Config/Configure_Management_Aut.htm



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Alert a Moderator
Message 6 of 6
250 Views
Reply
0 Kudos
Search Airheads
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

© Copyright 2018 Hewlett Packard Enterprise Development LP
All Rights Reserved.
Powered by Lithium