Security

Reply
New Contributor

Aruba Insight Management Login

I'm struggeling with the Clearpass Insight Login. I've Build a Service which grant's Management Access to CPPM via Active Directory Backend with User-Role Super-Admin. Everything works fine and if a User is Logged into CPPM he's able to open Insight too. 

 

If the User isn't Logged into CPPM and tries to Log into CP Insight he gets Rejected on the Login Web Interface. He's saying Wrong User/Password. Which is definitly wrong. If I look at the Access Tracker my Request is successfully authenticated. 

 

My Question is. How should the Enforcement Profile look ? I've set up an Application Enforcement -> User Role - Operator Login Admin User.

 

I Guess, I should set a specific Attribute for Authentication. I searched already but didn't found anything. 

 

With Local Users, everything work's fine but how to set the Access Attributes for an Active Directory user and which one ?

 

Thx in advance

 

P.S. 

Main Reason is to open the Links in the Email from Insight.

Re: Aruba Insight Management Login

I would copy the "[Insight Operator Logins]" service, add your AD to the authentication tab then alter the enforcement to allow access from your AD authentication source.

 

Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Occasional Contributor II

Re: Aruba Insight Management Login

Hi,

 

You need to add Active Directory as Authorization source. If you have already added it then please share your service snap including authentication, authorztion, enforcement policy and access tracker logs.

 

Regards,

Milind Yashwantrao

Occasional Contributor II

Re: Aruba Insight Management Login

Seems like there is slightly more required than just adding AD as an Authentication or Authorization source...

 

Has anyone got this working?

Aruba Employee

Re: Aruba Insight Management Login

Hi,

 

What service type you are using to authenticate insight user againt AD?

 

We need to use Inisght Operator login service. In

Home » Administration » Operator Logins » Profiles we have list of profiles which we could use, if you dont want to use , create a new profile and map this profile in translation rule page.
 
If we dont map the profile here Insight does not know what access rule policy manager is sending.
 
use default Insight Operator login service and set enforcment based on your requirment.
 
Regards,
Pavan
 
If my post addresses your query give kudos:)
 
Occasional Contributor II

Re: Aruba Insight Management Login

Thanks Pavan,

 

I tried this and it looked like it should have been working OK.

 

Could you share screenshots of a working example?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: