Security

last person joined: 17 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass Guest Automatization

This thread has been viewed 6 times

  • 1.  ClearPass Guest Automatization

    Posted Aug 01, 2016 06:15 AM

    Hi guys,

     

    I've got several questions regarding captive portal automatization and specialized configuration:

     

    Situation 1:

    Guest Captive Portal with sponsor confirmation.

    Guest has registered and is waiting on sponsor confirmation (at the receipt page)

    Sponsor confirms access for the user

     

    Question 1:

    Can I auto-submit the receipt page the moment the button becomes available (when guest user is accepted by sponsor)?

     

    Situation 2 (with 2 questions):

    Due to device limitations in onboard, we are searching for a workaround. We want to make users login with AD credentials to a web portal (like in onboard) but instead of certificate installation, they will generate a guest user to use for their device.

     

    Flow is as following: login page -> registration page -> receipt page

    User logs in, the registration page only has a field for username/email. Password will be a generated one. User will submit registration page to create user. 

     

    Question 2:

    Can I automatically get their email address from AD to use or their username and let it be filled in on the registration page? 

     

    Example: user logs in, username field is filled in automatically with the username or email address.

     

    Question 3 (only if question 2 is possible):

    Can I again automatically submit the page to create the user?

     

    Kind regards,

     

    jcelis



  • 2.  RE: ClearPass Guest Automatization

    Posted Aug 02, 2016 05:47 PM

    Anybody got any idea?



  • 3.  RE: ClearPass Guest Automatization

    EMPLOYEE
    Posted Aug 02, 2016 05:56 PM
    What ClearPass licenses do you own?


  • 4.  RE: ClearPass Guest Automatization

    Posted Aug 03, 2016 03:36 AM

    Guest, onboard, onguard and policy manager.

     

    Thanks for answering but don't see how the licenses are relevant for this. Just looking if I can and how to pull data from a login screen into a registration field and automatically submit the data. 



  • 5.  RE: ClearPass Guest Automatization
    Best Answer

    Posted Aug 23, 2016 04:58 PM

    Re: Question 1:

    Yes, you can detect when a user is "approved" by a sponsor when they're sitting on that receipt purgatory page:

     

    {if $user.enabled}
USER IS ENABLED!!
{/if}

    You can combine that with the auto-submit script, slightly modified, available on Arubapedia:

    {if $user.enabled}
  {literal}
    <script>
      $( document ).ready(function() {
        Nwa_SubmitForm(_form_name,"ID_"+_form_name+"_submit"); // submit the form
      });
    </script>
  {/literal}
{/if}

    Questions 2/3 seem doable as well, probably with additonal Javascript.

     

    You can grab the username (email address) via the PHP smarty variable:

    {$username}

    Refer to the https://arubapedia.arubanetworks.com/afp/index.php/ClearPass_Guest_HTML_Cheatsheet for more tricks to help you with Questions 2/3.

     

     



  • 6.  RE: ClearPass Guest Automatization

    Posted Aug 29, 2016 11:31 AM

    Thanks for the reply. Knew I had to go to javascript to get this done. Also got some code from a colleague with how to retrieve information with LDAP and how to store it for the next page. 

     

    Probably won't implement it right now. 



  • 7.  RE: ClearPass Guest Automatization

    Posted Sep 20, 2016 07:00 PM

    Keep us posted and feel free to share your code snippets if you need help troubleshooting!