Security

Hi,

 

I am just starting out with Clearpass and have an eval version that I am using for testing and demo.

 

In setting up, there's a few things that don't make sense, though I'm sure it's cause of my lack of experience and I'm probably doing it wrong.

 

I wanted to setup a basic guest portal, so I did the following

 

• Setup a web-auth service using the standard template and added in the relevant ssid.
• Setup some role mappings so that the appropriate attribute is returned, and added this to the service.

 

However, when I try to add a user in CPGuest, that role is not available to choose.

 

If I go into the default [Guest Roles] mapping and add something in there, those roles are then available to choose, although I can't seem to see how this is referenced.

 

Although it is all working, I'd like to have my own policies and naming convention.  No doubt I'm doing something wrong.

 

Thanks

 

 

 

 

 

The reference to [Guest Roles] is indeed ridiculously well hidden.

 

You can use other role mapping by either editing the [Guest Roles] one but if you indeed prefer your own naming convention you can change the role mapping used as follows:

 

Go to Guest app > Administration > plugin manager > ClearPass Guest Services > Configuration

In here you can choose which mapping to use.

The role that you add needs to have the [ ] for it to show up as a drop down. Example [test role]

Thank you
Troy Arnold
tarnold@arubanetworks.com

Thanks guys,

 

I found the [ ] doesn't make a difference, but just need to reference the correct mapping as Koenv mentioned.

 

All good

If you want the roles to show up in the drop down when adding a guest user they won't show up unless they are included.

You can reference mappings without them. AD role=IT Admin

Good info, I spend too much time figuring out there was a difference between "Role ID" and "[Role ID]".

 

Michael_Clarke: this does make a difference whithin the mapping you selected/changed where I mentioned before. You must use [Role ID] here.