Security

Reply
Occasional Contributor II
Posts: 22
Registered: ‎10-28-2015

Admin Privileges to only login to Clearpass Insight

Hi,

 

Is there admin privileges in Clearpass only allow the user to login into Insight, and not other module? I have read, but seems like nothing like that.

 

Thanks in advance.

 

Crone

Guru Elite
Posts: 8,765
Registered: ‎09-08-2010

Re: Admin Privileges to only login to Clearpass Insight

In ClearPass Guest, you can create an operator profile with only access to
Insight. Then create an application authentication service for Insight with
your different access policies.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Guru Elite
Posts: 8,765
Registered: ‎09-08-2010

Re: Admin Privileges to only login to Clearpass Insight

In ClearPass Guest, you can create an operator profile with only access to
Insight. Then create an application authentication service for Insight with
your different access policies.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Occasional Contributor II
Posts: 22
Registered: ‎10-28-2015

Re: Admin Privileges to only login to Clearpass Insight

Hi Tim,

 

I dont see Insight in the list. Capture-operator login.JPG

Aruba
Posts: 1,296
Registered: ‎08-29-2007

Re: Admin Privileges to only login to Clearpass Insight

You can create a custom admin privilege in CPPM for access to Insight only.

Create new and call it 'insight'.  You'll have to give something on the Policy Manager side, but just give as little as possible.

Snip20161007_26.png

 

And then give full access on the Insight side.

Snip20161007_25.png

 

Then create a new admin user and assign that privilege.

Snip20161007_27.png

 

Navigate to https://<clearpass>/insight and login with that account.


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACMP, ACMX #294
mclarke@arubanetworks.com
Occasional Contributor II
Posts: 22
Registered: ‎10-28-2015

Re: Admin Privileges to only login to Clearpass Insight

Hi Michael,

 

I manage to create custom admin privilege using XML, and only give RW to dashboard. But how to edit the privilege as per your screenshot? I dont find any edit button here.

 

Crone

Occasional Contributor II
Posts: 22
Registered: ‎10-28-2015

Re: Admin Privileges to only login to Clearpass Insight

Sorry manage to find it.

Aruba
Posts: 1,296
Registered: ‎08-29-2007

Re: Admin Privileges to only login to Clearpass Insight

Forgot to mention.  That capability came out in 6.6


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACMP, ACMX #294
mclarke@arubanetworks.com
Occasional Contributor II
Posts: 22
Registered: ‎10-28-2015

Re: Admin Privileges to only login to Clearpass Insight

Yes, just saw the difference between 6.5 and 6.6. In 6.5 I can edit the admin privilege.

 

Thanks Michael!

Aruba
Posts: 1,296
Registered: ‎08-29-2007

Re: Admin Privileges to only login to Clearpass Insight

Yes, in 6.5 you can edit them of sorts.  From memory, you can't create a custom one specifically for Insight only.


If my post is helpful please give kudos, or mark as solved if it answers your post.

ACCP, ACMP, ACMX #294
mclarke@arubanetworks.com
Search Airheads
Showing results for 
Search instead for 
Did you mean: