10-26-2016 05:16 AM
i have created a guest Portal with sponsor confirmation. It works fine. I have a field with Sponsor_email, where the guest hast to write in the mail from the sponsor. In the moment he can write there everthing. Is it possible to only allow there a spezial AD Group?
That means, when the guest writes an email from a user, which is not in this ad group the mail is not send?
10-26-2016 06:03 AM
You could setup a static email group (distribution group) and add a nickname and the user won't be able to edit or entirely just hide the field
Use LDAP with a restriction to anAD group
Get Outlook for iOS
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
10-26-2016 06:04 AM
Why not simply configure LDAP sponsor lookup and then point that config to look only into the group you want?
Saves your guests from having to type the email address even.
-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
10-26-2016 06:14 AM
You should be able to use an LDAP v3 URL which includes an LDAP filter to filter the results of your LDAP query:
where filter could be (memberOf=<adgroup>).
Check the Managing LDAP Operator Authentication Servers section of the ClearPass Guest user guide.
10-26-2016 07:01 AM
I tried it like in the Post you send, but it does not work. When i test my Server i get an ok and also see the right email. When i try to register a guest, i get an error that the sponsor email is not valid. I am not sure if i have to configure under the DO_LDAP_Lookup field.