Security

last person joined: 22 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

clearpass custom admin privilege

This thread has been viewed 1 times

  • 1.  clearpass custom admin privilege

    Posted May 15, 2014 12:01 PM

    can someone tell me how to properly create a custom admin privilege on clearpass 6.2.6?



  • 2.  RE: clearpass custom admin privilege

    EMPLOYEE
    Posted May 15, 2014 12:02 PM

    Please see page 214 of the CPPM 6.2 user manual. It explains how to create custom administrative privileges.

     

     

    custom-admin-priv-manual.PNG

     

    http://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=11862



  • 3.  RE: clearpass custom admin privilege

    EMPLOYEE
    Posted May 15, 2014 12:04 PM

    or go to the admin priv page and click the help button.

     

    Screen Shot 2014-05-15 at 11.02.29 AM.png



  • 4.  RE: clearpass custom admin privilege

    Posted May 15, 2014 01:20 PM

    Hi Troy, i have tried that but what happens is i can sucessfully login using the new admin privilege but nothing shows on the page execpt the cppm hearder and footer. I am not sure what causes this kind of behavior. I have tried it several times and i get the same kind of behavior. We are using AD authentication to CPPM as primary and local user authentication as a secondary.



  • 5.  RE: clearpass custom admin privilege

    EMPLOYEE
    Posted May 15, 2014 01:22 PM

    Try exporting one of the built-in roles and customizing it from there. Something might be wrong with your syntax.



  • 6.  RE: clearpass custom admin privilege

    Posted May 15, 2014 03:27 PM

    i did that as well in case my syntax was wrong and the same happens. I did find it was easier to export one of the privileges currently in there, modify accordingly to con.id.ep, save it and then import it.



  • 7.  RE: clearpass custom admin privilege

    Posted May 16, 2014 09:22 AM
      |   view attached

    I included a picture of my .xml for you to see what i am uploading. We are currently running 6.2.6.62196 using AD authentication. I modify the appropriate area's necessary. Create role, add rule to existing role mapping. Create profile and profile to existing enforcement policy. I am beginning to think it might be a bug in the code version i am on. In reality the only part i want is con.id.ep (Endpoint Repository) but i have tried it several different ways and it doesn't show anything on the page at all except CPPM header and footer. I can see that i successfully logged in access tracker.



  • 8.  RE: clearpass custom admin privilege

    EMPLOYEE
    Posted May 16, 2014 09:43 AM

    Your XML looks correct. I would open a TAC case.



  • 9.  RE: clearpass custom admin privilege

    MVP
    Posted Nov 04, 2014 02:52 PM

    Any update on this, I'm experiencing the same issue?



  • 10.  RE: clearpass custom admin privilege

    Posted Aug 24, 2015 06:27 PM

    I have the same issue! I opened up a support ticket (Case Number: 1741291) today. So far, they have worked on it for a few hours and we have gotten nowhere. Any luck on a solution for this issue? Below is a screen shot of the blank dashboard I am talking about. 

     

    CPPM Blank Dashboard.jpg



  • 11.  RE: clearpass custom admin privilege

    Posted Sep 17, 2015 02:58 PM

    My issue was a result of changes to the .xml code. You should be fine if you update your xml code in your template.