Hi,
I'm trying to get CPPM to push a role to a controller but without success. The user is not getting the correct role. It's getting the role I set in the AAA profile.
I followed the guide at http://www.airheads.eu/t5/Controller-Based-WLANs/Downloading-an-undefined-role-from-CPPM-to-Controller/ta-p/243661
Enforcement profile:
Accesstracker:
On the controller:
Security log doesn't look good...
Dec 28 10:27:49 :199802: <4052> <ERRS> |authmgr| auth_cppm_api.c, auth_curl_perform:119: Dldb Role KIKO_BYOD_EP-3004-8: Curl response with HTTP code: 401
Dec 28 10:27:49 :124830: <4052> <ERRS> |authmgr| Dldb Role KIKO_BYOD_EP-3004-8: Users dequeued, role in incomplete state
#show rights downloaded-user-roles
RoleTable
---------
Name ACL Bandwidth ACL List Type
---- --- --------- -------- ----
KIKO_BYOD_EP-3004-8 104 Up: No Limit,Dn: No Limit global-sacl/,apprf-KIKO_BYOD_EP-3004-8-sacl/ System (downloaded, not editable)
KIKO_BYOD_PROFILE-3002-6 86 Up: No Limit,Dn: No Limit global-sacl/,apprf-KIKO_BYOD_PROFILE-3002-6-sacl/ System (downloaded, not editable)
test_ep-3003-1 80 Up: No Limit,Dn: No Limit global-sacl/,apprf-test_ep-3003-1-sacl/ System (downloaded, not editable)
aaa profile "Users"
initial-role "authenticated"
mac-default-role "logon"
mac-server-group "Clearpass"
authentication-dot1x "Users"
dot1x-default-role "logon"
dot1x-server-group "Clearpass"
download-role
enforce-dhcp
Controller is 7205 with 6.5.0.3
Clearpass is 6.6.0.81015
Am i missing something here?