Home > Community > Technology > Security > Aruba Insight Management Login

Security

Reply
Topic Options
Froggmog
New Contributor
Froggmog
Posts: 1
Registered: ‎04-04-2017

Aruba Insight Management Login
Options

‎05-18-2017 11:33 PM

I'm struggeling with the Clearpass Insight Login. I've Build a Service which grant's Management Access to CPPM via Active Directory Backend with User-Role Super-Admin. Everything works fine and if a User is Logged into CPPM he's able to open Insight too. 

 

If the User isn't Logged into CPPM and tries to Log into CP Insight he gets Rejected on the Login Web Interface. He's saying Wrong User/Password. Which is definitly wrong. If I look at the Access Tracker my Request is successfully authenticated. 

 

My Question is. How should the Enforcement Profile look ? I've set up an Application Enforcement -> User Role - Operator Login Admin User.

 

I Guess, I should set a specific Attribute for Authentication. I searched already but didn't found anything. 

 

With Local Users, everything work's fine but how to set the Access Attributes for an Active Directory user and which one ?

 

Thx in advance

 

P.S. 

Main Reason is to open the Links in the Email from Insight.

Alert a Moderator
Message 1 of 6 (366 Views)
Reply
0 Kudos
MVP MVP
MVP
jrwhitehead
Posts: 1,011
Registered: ‎04-13-2009

Re: Aruba Insight Management Login
Options

‎05-20-2017 12:49 AM

I would copy the "[Insight Operator Logins]" service, add your AD to the authentication tab then alter the enforcement to allow access from your AD authentication source.

 

Cheers
James

-------------------------------------------------------
-------------------@whereisjrw-------------------
------------------------blog-------------------------
ACCX #540 | ACMX #353 | ACDX #216
-----------Mobility First Expert #11----------
-------------------------------------------------------

If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users via search.
Alert a Moderator
Message 2 of 6 (322 Views)
Reply
0 Kudos
Milind_Yashwan…
Occasional Contributor II
Milind_Yashwantrao
Posts: 19
Registered: ‎04-09-2017

Re: Aruba Insight Management Login
Options

‎05-21-2017 08:29 PM

Hi,

 

You need to add Active Directory as Authorization source. If you have already added it then please share your service snap including authentication, authorztion, enforcement policy and access tracker logs.

 

Regards,

Milind Yashwantrao

Alert a Moderator
Message 3 of 6 (285 Views)
Reply
0 Kudos
Chris_Denham
Occasional Contributor I
Chris_Denham
Posts: 9
Registered: ‎04-24-2017

Re: Aruba Insight Management Login
Options

3 weeks ago

Seems like there is slightly more required than just adding AD as an Authentication or Authorization source...

 

Has anyone got this working?

Alert a Moderator
Message 4 of 6 (135 Views)
Reply
0 Kudos
Aruba Employee
PAVAN
Posts: 508
Registered: ‎02-19-2015

Re: Aruba Insight Management Login
Options

3 weeks ago

Hi,

 

What service type you are using to authenticate insight user againt AD?

 

We need to use Inisght Operator login service. In

Home » Administration » Operator Logins » Profiles we have list of profiles which we could use, if you dont want to use , create a new profile and map this profile in translation rule page.
 
If we dont map the profile here Insight does not know what access rule policy manager is sending.
 
use default Insight Operator login service and set enforcment based on your requirment.
 
Regards,
Pavan
 
If my post addresses your query give kudos:)
 
Alert a Moderator
Message 5 of 6 (119 Views)
Reply
0 Kudos
Chris_Denham
Occasional Contributor I
Chris_Denham
Posts: 9
Registered: ‎04-24-2017

Re: Aruba Insight Management Login
Options

3 weeks ago

Thanks Pavan,

 

I tried this and it looked like it should have been working OK.

 

Could you share screenshots of a working example?

Alert a Moderator
Message 6 of 6 (93 Views)
Reply
0 Kudos
Search Airheads
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

© Copyright 2017 Hewlett Packard Enterprise Development LP
Powered by Lithium