Security

Reply
Frequent Contributor I
Posts: 99
Registered: ‎08-05-2013

Defining the Sponsor Server in Guest Self-Registrations

  1. I have 2 different Guest Self-Registration entries:  1 for the corporate office and 1 for the remote sites. The corporate office instance uses the sponsor drop-down menu with a hook into Active Directory to populate that field, which is working perfectly.  
  2. However, the one for the remote sites I've run into 2 separate issues:  How can I key in on 1 particular OU to populate the sponsor list?  I don't want the entire corporate list in the drop down...just the users that are in the remote site OU. 
  3. Where in the Guest Self-Registration configuration do I point at that AD server instance that uses that remote site OU?  

        I want this guy: 

Capture.JPG

        To use this guy:

Capture.JPG

 

Guru Elite
Posts: 8,633
Registered: ‎09-08-2010

Re: Defining the Sponsor Server in Guest Self-Registrations

 

When you define the server, use the OU you want to restrict to.

 

For example, this will restrict to users in the "Staff" OU:

ldap-sponsor-restricted-ou.PNG

 

To set the server profile, edit the Select2 options in the sponsor_lookup field for the form.

sponsor-server-definition.PNG


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 99
Registered: ‎08-05-2013

Re: Defining the Sponsor Server in Guest Self-Registrations

Thank you kindly. 

Quick question:  in the Select2 Option field you highlighted, does it require the name of the server itself (FQDN), or does it require the name of the Operator Server entry that I created ("AD for MOBs")?

Guru Elite
Posts: 8,633
Registered: ‎09-08-2010

Re: Defining the Sponsor Server in Guest Self-Registrations

The name of the server from the name field.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 99
Registered: ‎08-05-2013

Re: Defining the Sponsor Server in Guest Self-Registrations

Thank you, Tim.  Looks like I can get it to work if I change the priority from default 50 to 49.  If it shares the same priority as the Corporate AD server entry (50), the Corporate one no longer works and the Remote site AD entry takes over both Corporate and Rremote.  It's never easy :)

Frequent Contributor I
Posts: 99
Registered: ‎08-05-2013

Re: Defining the Sponsor Server in Guest Self-Registrations

Because I have 2 LDAP servers listed (depicted above in previous post), it wants the one with the top priority (lowest number).  If both have a priority of 50, the request goes to the first LDAP server in the list. The #ajax.args.server = LDAP SERVER has no bearing on anything. 

If I change the Remote Site LDAP server to 49, the Corporate side (and Remote Site side) will use that entry.  It doesn't matter that the #ajax.args.server = Corporate LDAP.  With this type of logic built in, having 2 LDAP servers to accommodate 2 different Guest Self-Registrations is impossible.  

Guru Elite
Posts: 8,633
Registered: ‎09-08-2010

Re: Defining the Sponsor Server in Guest Self-Registrations

Try removing the # sign before ajax.args.server


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 99
Registered: ‎08-05-2013

Re: Defining the Sponsor Server in Guest Self-Registrations

F&#% me!!!!!  You're the man Tim.  Thank you kindly.  

Search Airheads
Showing results for 
Search instead for 
Did you mean: