02-11-2014 09:32 AM
I've searched through the community and the manuals however I'm coming up short on a step by step approach to getting the Sponsor Lookup to work. I'm using CPPM 126.96.36.199730
I've configured the LDAP server on Clearpass guest and I'm succesfully able to perform lookups and authentications.
After this, I get hung up.
I've read sponsor_lookup needs to be added to the guest_register form. However I'm unable to add any fields to this form. I've been doing a lot of trial and error, but I'm uanble to get it to work. Does anyone have a step-by-steb doc on how to get this to work? Thanks so much.
02-11-2014 09:47 AM
1. In your Self reg page you will need to edit the field on the registration page.
2. By default it is not in the list. Click insert after on one of the top fields select sponsor lookup (see pic2 shows it added)
--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
--Problem Solved? Click "Accepted Solution" in a post.
02-11-2014 10:21 AM
Thanks for your quick response!! So it now shows up in the form. However the lookup seems very spotty and inconsistent with a results returning and then an error stating 'Cannot Search for Users'. Is there any best practices on how to set this up for stability?
02-11-2014 12:59 PM
After further testing I think the issue is a bug with clearpass using LDAPS. I found information here.
Once i switched to regular LDAP stability regarding the lookup stabalized. Thanks for your help
03-20-2014 03:38 PM
One additional question about the LDAP Sponsored lookup. I'm trying to test out a scenario where the returned email address is different than the default in a Sponsored Guest Login page. I've gone to the following location:
CP Guest > Administration > Operator Logins > Servers > "My LDAP server" > Sponsor Lookups > and changed the following:
#sponsor_email | userPrincipalName
sponsor_email | mail
When I go to Configuration > Guest Self-Registration > "My LDAP Sponsored Lookup" > Go To > I'm able to search for a user, select them as an option, and fire off an email that is addressed to the "mail" attribute in AD.
The one slight issue I'm having is with the LDAP Search itself. The search returns my username in the following fashion:
It looks like the "firstname.lastname@example.org" is being pulled by the "sponsor_lookup" field from the "userPrincipalName" in AD, not from the "email" attribute. This field looks like it's using the following Ajax routine:
ajax.url = NwaLdapSponsorUserSearchAjax
Is there a way to change this Ajax field to display a different email address?
Thanks for the help!
03-20-2014 04:16 PM
If you're specifically talking about what is being displayed to the user when doing the Sponsor Lookup, you need to update the Display Attributes section under CP Guest > Administration > Operator Logins > Servers > "My LDAP server" > User Search >
I hope this helps.