Security

Reply
Super Contributor II

Restarting clearpass guest from cli

We've been writing some apps to talk to clearpass via the API set on CPPM 6.6.8 and can break it  at will. Although the policy manager component still works and we can restart the server that way, trying to access the clearpass guest page fails with the browser eventually timing out.

 

Attempting other API queries also fail 

 

our endpoints db has about 85K entries and we have a locally defined attribute called UoY_VLAN

were trying to do an 

API call for GET /endpoint with filter: {"attributes":{"$contains":"UoY_Vlan"}}

... and things die!

 

Can I restart clearpass guest from the CLI or is this a real server reboot thing ?

 

had a look at server list and there;s nothing there that immediately springs out as being associagted with clearpass guest

 

A

Guru Elite

Re: Restarting clearpass guest from cli

  1. You cannot currently filter by endpoint attributes in the API
  2. Guest is not a separate entity and cannot be restarted independently

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Super Contributor II

Re: Restarting clearpass guest from cli

o.k. so guess there's a bug that stops the clearpass guest web interface .instead of just saying "can't do that" 

 

BTW service restart cpass-admin-server seems to get you back.

 

The plan is for our IPAM system to set the value of locall attrribute "UoY_VLAN" which is then use in our enforcement policy. Colleague was just trying to get a list of current UoY_VLAN  values

 

A

 

 

 

Aruba Employee

Re: Restarting clearpass guest from cli

Something is obviously up.  Even if you work around it you should open a TAC case so a proper customer-initiated engineering ticket can be opened.

Super Contributor II

Re: Restarting clearpass guest from cli

Already done that :-)

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: