I've always logged in to the Policy Manager using a local administrator account.
I then read up details on how to configure how to login using my AD credentials - using a copy of the Policy Manager Admin Network Login Service.
However, I noticed that my Policy Manager Admin Network Login Service isnt actually enabled according to my service list..
If so - whats processing my login? In the event viewer my login is sourced from Policy Manager UI.
If you type the admin password incorrectly, does it show in the access tracker then?
In the attachment i send you an example of the service configuration as i used in my HomeLAB.
Please note then when you login to ccpm with the local "admin" account there is no service for that, it works always regardless of hitting any service or service configuration issue.
Hope this help you!
So if I type in the admin password incorrectly, it shows a Reject in Access Tracker with no Service attached to it;
Error Category: Authentication failureError Code: Failed to classify request to serviceTacacs server ServiceClassification failed, reason=PolicyServer returned empty service
If I type in the admin password correctly, it doesn't show up in Access Track, but I go get an INFO level event in the Event Viewer that admin has logged in.
I did follow the process here, https://blogs.arubanetworks.com/solutions/clearpass-operator-login-with-active-directory/, and AD Authentication works - I'm just confused as to where the original local admin login is being processed, unless its something that happens regardless of the services defined.
local admin login is a internal process of cppm, and always work, there is no service for that.
if the local admin password not match the local admin account it “try” the tacacs service if the account match an AD account. Thats why it hit your service by a password mismatch.
lokal admin account always works, so when you make a configuration fault in your services you not been locked out.
At present, are you logging in as local admin or using your AD credentials?
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.