Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Infoblox TACACS+ dictionary for ClearPass

This thread has been viewed 3 times

  • 1.  Infoblox TACACS+ dictionary for ClearPass

    Posted Apr 09, 2015 07:47 PM
      |   view attached

    Hello all,

     

    I've created a custom TACACS+ dictionary that can be imported into ClearPass for administrative login into Infoblox Grid Manager. It is attached to this post, but make sure you remove the .txt portion of the filename (this forum apparently does not allow .xml file type uploads).

     

    The "infoblox-admin-group" attribute should be passed back to Infoblox and should match a local admin group that is defined on the server. Enjoy!

     

    Note: My initial upload had an error. I've since corrected. Guess I should have verified full functionality before posting :)

    Attachment(s)

    txt
    InfobloxTacacsServiceDictionary.xml.txt   470 B 1 version


  • 2.  RE: Infoblox TACACS+ dictionary for ClearPass
    Best Answer

    Posted Apr 09, 2015 08:25 PM

    To get this working from the Infoblox side:

    1. Add ClearPass as TACACS+ server into a TACACS+ server group (Administration > Authentication Server Groups > TACACS+ Services).
    2. Click Administration > Administrators > Authentication Policy and add your server group under "Authenticate users against these services in this order"
    3. Assign any admin group that you intend to have returned from ClearPass under "Map the remote admin group to the local group in this order".