Hey guys, I am looking for the latest step by step guide to setup clearpass onboarding for controllers using a single SSID. 

Thanks!

There is no specific guide for this. Have you reached out to your Aruba partner?

Thanks, I am actually the Aruba partner and I'm Clearpass certified, I haven't setup single SSID onboard in a long time and was hoping Aruba had some decent documentation around a generic setup. 

Essentially the only configuration that makes it a single SSID Onboard is adding an enforcement rule that checks if the outer method is EAP-PEAP, and if so, put the device into an Onboard enrollment role. You can layer on policy checks for more advanced policies.

Keep in mind that all of the security issues around PEAPv0/EAP-MSCHAPv2 still apply with single SSID Onboard during the initial authentication. If your customer is security conscious, I'd recommend dual SSID Onboard.

Check out the following ASE solution,

Wireless Onboard w/ Single SSID 

https://ase.arubanetworks.com/solutions/id/34

Following this ASE, I was able to get single SSID onboarding working as designed. Thanks!