Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Admin Privileges to only login to Clearpass Insight

This thread has been viewed 2 times

  • 1.  Admin Privileges to only login to Clearpass Insight

    Posted Oct 06, 2016 10:24 PM

    Hi,

     

    Is there admin privileges in Clearpass only allow the user to login into Insight, and not other module? I have read, but seems like nothing like that.

     

    Thanks in advance.

     

    Crone



  • 2.  RE: Admin Privileges to only login to Clearpass Insight

    EMPLOYEE
    Posted Oct 06, 2016 10:33 PM
    In ClearPass Guest, you can create an operator profile with only access to
    Insight. Then create an application authentication service for Insight with
    your different access policies.


  • 3.  RE: Admin Privileges to only login to Clearpass Insight

    EMPLOYEE
    Posted Oct 06, 2016 10:33 PM
    In ClearPass Guest, you can create an operator profile with only access to
    Insight. Then create an application authentication service for Insight with
    your different access policies.


  • 4.  RE: Admin Privileges to only login to Clearpass Insight

    Posted Oct 06, 2016 10:48 PM

    Hi Tim,

     

    I dont see Insight in the list. Capture-operator login.JPG



  • 5.  RE: Admin Privileges to only login to Clearpass Insight
    Best Answer

    EMPLOYEE
    Posted Oct 07, 2016 03:29 AM

    You can create a custom admin privilege in CPPM for access to Insight only.

    Create new and call it 'insight'.  You'll have to give something on the Policy Manager side, but just give as little as possible.

    Snip20161007_26.png

     

    And then give full access on the Insight side.

    Snip20161007_25.png

     

    Then create a new admin user and assign that privilege.

    Snip20161007_27.png

     

    Navigate to https://<clearpass>/insight and login with that account.



  • 6.  RE: Admin Privileges to only login to Clearpass Insight

    Posted Oct 07, 2016 04:03 AM

    Hi Michael,

     

    I manage to create custom admin privilege using XML, and only give RW to dashboard. But how to edit the privilege as per your screenshot? I dont find any edit button here.

     

    Crone



  • 7.  RE: Admin Privileges to only login to Clearpass Insight

    Posted Oct 07, 2016 04:07 AM

    Sorry manage to find it.



  • 8.  RE: Admin Privileges to only login to Clearpass Insight

    EMPLOYEE
    Posted Oct 07, 2016 04:08 AM

    Forgot to mention.  That capability came out in 6.6



  • 9.  RE: Admin Privileges to only login to Clearpass Insight

    Posted Oct 07, 2016 04:10 AM

    Yes, just saw the difference between 6.5 and 6.6. In 6.5 I can edit the admin privilege.

     

    Thanks Michael!



  • 10.  RE: Admin Privileges to only login to Clearpass Insight

    EMPLOYEE
    Posted Oct 07, 2016 04:13 AM

    Yes, in 6.5 you can edit them of sorts.  From memory, you can't create a custom one specifically for Insight only.