Hi,I've booted up the Aruba Networks PolicyManager 6.6 VMI'm trying to setup API guest users and part of the documentation i've received to do this suggests that I login to the DB manually to add the users (strange method, but OK)I've found that the PostgreSQL server is running on port 5432 of the VM. I've confirmed that using a port scan "5432/tcp open postgresql"But when I attempt to login using a macOS PostgreSQL client (PSequel), I get the following error: "FATAL: no pg_hba_confg entry for host '192.168.1.100' user 'appuser;, database 'postgres' SSL off"This error is strange as the IP of my VM is 192.168.1.101 (Could be the issue here?)Regardless, after Googling, it seems I need to update the pg_hba.conf file upon the box but I can't get bash shell on the VM. I can login to the policy manager but i'm restricted to a handful of commandsCan anybody help me on this one? Is there a better method to add an API user? My *only* task on this project is to add an API user so I can authenticate against http://vm/api/oauth. Nothing else matters. This ispurely to test on a local development environment and no other features of the VM are required Thanks in advance,
You should either upgrade to the latest version of 6.6.X or move to 6.7.
The ClearPass REST API does not use external SQL connections. I'm trying to understand what your end goal is. The ClearPass REST API can use a password or client_credential grant. The password grant using existing identity stores to authenticate users/devices.
We have an external system which we want to allow Clearpass users to be able to authenticate on, using their Clearpass credentials. So the only endpoint I need to work with is /api/oauthI have logged into the Clearpass GUI and created accounts - https://ibb.co/YhBS6yYI think I have done the work to enable Oauth - https://ibb.co/cNXKxsjBut the following request to /api/oauth returns that the credentials are invalid, although each field value in the requeset body looks correct to me - https://ibb.co/6yYztCkWe have been given a REST setup document which suggests I need to edit the DB manually - https://ibb.co/nw7ws0GIf there's anything you can sugguest, i'd very gratefulStephen,
You created Guest accounts, not local user accounts. Use [Guest User Repository] as the auth source.
I don't appear to have the option to set an auth source in either the OAuth config nor the account config: - https://ibb.co/Zg6Nwss - https://ibb.co/HgGdtz7I have found the guest user repository in the Policy Manager but I don't see an option to link it to the guest user auth source - https://ibb.co/wSBdrK5
I'm not able to find the section you're referencingIs it within Policy Manager, Gues Management or something else?
I'm not able to find the section you're referencingIs it within Policy Manager, Guest Management or something else?
I have made the updates I think are required but Oauth authentication still fails:
- https://ibb.co/vPY5wWX - https://ibb.co/QQCZ4VG - https://ibb.co/KxqyFbH - https://ibb.co/93PWPjm
Access tracker full list - https://ibb.co/jLH2TsxMost recent row: - Summary: https://ibb.co/yQtyZXp - Input: https://ibb.co/qm12KyV - Output: https://ibb.co/zRqJ4q2 - Alerts: https://ibb.co/0Z3qBd5
I see that but any previous attempt at updating the password has still caused an auth failure. Even now, i've just updated the password again. Copied and pasted it into the request body and a failure still occurs
I've just tried a different user that has a different role. The error is now "Access denied by policy"
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.