Security

HI!
I want to use clearpass tacacs authentication for Cisco DCNM server. It says that tacacs have to return network-admin role. How this can be done in Clearpass?

------------------------------
Petri Kemppainen
------------------------------

Hi,

Do you have look to use like Cisco Switch for TACACS, return Shell:privilege level 15 ?

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281
------------------------------

Original Message:
Sent: Dec 09, 2020 01:50 PM
From: Petri Kemppainen
Subject: Cleapass shell role net-admin DCNM

HI!
I want to use clearpass tacacs authentication for Cisco DCNM server. It says that tacacs have to return network-admin role. How this can be done in Clearpass?

------------------------------
Petri Kemppainen
------------------------------

Did you see and test this suggestion? There is a screenshot on how to return the network-admin role in a TACACS+ enforcement profile.

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
------------------------------

Original Message:
Sent: Dec 09, 2020 01:50 PM
From: Petri Kemppainen
Subject: Cleapass shell role net-admin DCNM

HI!
I want to use clearpass tacacs authentication for Cisco DCNM server. It says that tacacs have to return network-admin role. How this can be done in Clearpass?

------------------------------
Petri Kemppainen
------------------------------

Hi!

I got this work! 

I have to make new tacacs dictionany shell:ip

I export existing shell dictionary and modify that and import it back to tacacs dictionary

then i modify enforcement profile and you can see right values from attached file, Cisco DCNM profile.

------------------------------
Petri Kemppainen
------------------------------

Original Message:
Sent: Dec 15, 2020 04:50 AM
From: Herman Robers
Subject: Cleapass shell role net-admin DCNM

Did you see and test this suggestion? There is a screenshot on how to return the network-admin role in a TACACS+ enforcement profile.

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Dec 09, 2020 01:50 PM
From: Petri Kemppainen
Subject: Cleapass shell role net-admin DCNM

HI!
I want to use clearpass tacacs authentication for Cisco DCNM server. It says that tacacs have to return network-admin role. How this can be done in Clearpass?

------------------------------
Petri Kemppainen
------------------------------

Worked for me!

thanks!!!

------------------------------
Andres Perez
------------------------------

Original Message:
Sent: Dec 17, 2020 02:26 AM
From: Petri Kemppainen
Subject: Cleapass shell role net-admin DCNM

Hi!

I got this work! 

I have to make new tacacs dictionany shell:ip

I export existing shell dictionary and modify that and import it back to tacacs dictionary

then i modify enforcement profile and you can see right values from attached file, Cisco DCNM profile.

------------------------------
Petri Kemppainen

Original Message:
Sent: Dec 15, 2020 04:50 AM
From: Herman Robers
Subject: Cleapass shell role net-admin DCNM

Did you see and test this suggestion? There is a screenshot on how to return the network-admin role in a TACACS+ enforcement profile.

------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

Original Message:
Sent: Dec 09, 2020 01:50 PM
From: Petri Kemppainen
Subject: Cleapass shell role net-admin DCNM

HI!
I want to use clearpass tacacs authentication for Cisco DCNM server. It says that tacacs have to return network-admin role. How this can be done in Clearpass?

------------------------------
Petri Kemppainen
------------------------------