09-29-2014 04:25 PM
I am looking to implement a rotating password script for a particular guest user.
Trying to avoid the XML API which I am not familiar with, SQL would be a piece of cake.
So looks like I need to modify tipsDB -> cpg_nwamdpsuser. But the perms are:
ALTER TABLE cpg_nwamdpsuser OWNER TO postgres;
GRANT ALL ON TABLE cpg_nwamdpsuser TO postgres;
GRANT SELECT ON TABLE cpg_nwamdpsuser TO appuser;
GRANT SELECT, UPDATE, INSERT, DELETE ON TABLE cpg_nwamdpsuser TO appadmin;
However appadmin isn't allowed to login externally via pg_hba.conf.
09-29-2014 04:29 PM
09-29-2014 11:24 PM
I've done exactly this for a customer. See my thread here, http://community.arubanetworks.com/t5/AAA-NAC-Gues
If my post is helpful please give kudos, or mark as solved if it answers your post.
ACCP, ACMP, ACMX #294
09-29-2014 11:52 PM
For anyone checking this later, the basics of this is
/usr/bin/wget https://<clearpass>/tipsapi/config/write/GuestUser --no-check-certificate --user=apiadmin --password=<pass> --header=\"Content-Type:text/xml\" --post-file=<guestUserFile> --output-document=<res
..where <guestUserFile> is the xml as per the API guide.