- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
11-27-2017 10:54 AM
Hello, I'm traying to give access for provisioning guests to everyone on the company (to provide a guest user for their guests). but i need to disable the edit and delete button in order to deny for the "provisioning user" account at the controller to modify or delete the guest users created by others employees that used already the account. Is it possible?
Thank you
Gabriel
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
11-27-2017 11:01 AM
"Starting with ArubaOS 3.4 release, a guest user account that is created by a guest provisioning user can only be viewed, modified or deleted by the guest provisioning user who created the account or the network administrator. A guest user account that is created by the network administrator can only be viewed, modified or deleted by the network administrator."
You cannot disable buttons. It seems you would only be able to accomplish that if guest provisioners were using unique usernames to log into the controller...
Colin Joseph
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: Disable edit and delete button @Guest Provisioning Interface
Re: Disable edit and delete button @Guest Provisioning Interface
11-27-2017 11:43 AM
And you know if there is a possibility to enable access to the controller as guest-provisioning account to an Active Directory group?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: Disable edit and delete button @Guest Provisioning Interface
Re: Disable edit and delete button @Guest Provisioning Interface
11-27-2017 11:55 AM
You can do this via management authentication. If you have a radius server that can authenticate users via AD group, you can return the Aruba-admin-role attribute of "guest-provisioning" to have those users authenticate and see the guest page.
Colin Joseph
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: Disable edit and delete button @Guest Provisioning Interface
Re: Disable edit and delete button @Guest Provisioning Interface
11-30-2017 04:41 AM
Could you explain me how to do this? I can't find where i have to set the things that you said.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator
Re: Disable edit and delete button @Guest Provisioning Interface
Re: Disable edit and delete button @Guest Provisioning Interface
11-30-2017 05:15 AM
You would need:
- An external radius server to authenticate management users, sending back the "guest-provisioning" value for the "Aruba-Admin-Role".
- To configure the Aruba Controller to accept management authentication from a radius server
How to configure your radius server varies, depending on the radius server. If you have IAS, vanilla instructions are here: http://www.arubanetworks.com/techdocs/ArubaOS_63_Web_Help/Content/ArubaFrameStyles/802.1x_XPClient_IAS_Config/Configure_Management_Aut.htm
Colin Joseph
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Alert a Moderator