Cloud Managed Networks

Hi Airheads-Community!

I'm trying to resolve an issue with the Aruba Central Login Page. I am working for a Service Provider which has multiple customers within Aruba Central. This customers are managed by a team of Aruba experts.
Unfortunatly due to the strategic orientation, the devices and subscriptions within Aruba Central are in the hands of the specific customer and we are managing and servicing the individual solutions.
Thus the Aruba Central MSP Feature is not applicable for us and we have to manage the customers with our individual login mails.

The SAML SSO Login feature unfortunatly requires, that the Customer ID Attribute is implemented by hand into ADFS. Therefore everytime we would like to install/configure a new customer we would have to open a ticket with the ID to our IT department.

I would like to use the SAML SSO feature but maybe with another implementation. Like i.e. redirecting the users form an internal login-authentication-page to Aruba Central with a specific admin user credential.

Has anyone else experienced this login problems and/or maybe can suggest a solution?
Best regards,
Philipp

------------------------------
Philipp
------------------------------

Hi Philipp,

In general I would say that the IAM (Identity Access Management) responsibility within another team is a good thing. Don't forget that RBAC is also part of it. The only thing is that the process should be automated in my opinion. I'm not an ADFS expert, but I'm sure this could be automated.

For SSO you could use other methods like using ClearPass or Ping for SSO, but remember you want to have your identity in one place, preferable with MFA.

https://help.central.arubanetworks.com/2.5.4/documentation/online_help/content/nms/user-mgmt/saml-sso-cppm.htm?Highlight=clearpass%20sso



Original Message:
Sent: Jan 12, 2022 04:10 AM
From: Philipp Kozinski
Subject: Aruba Central Login, Multiple Users, Multiple Tenants, No MSP

Hi Airheads-Community!

I'm trying to resolve an issue with the Aruba Central Login Page. I am working for a Service Provider which has multiple customers within Aruba Central. This customers are managed by a team of Aruba experts.
Unfortunatly due to the strategic orientation, the devices and subscriptions within Aruba Central are in the hands of the specific customer and we are managing and servicing the individual solutions.
Thus the Aruba Central MSP Feature is not applicable for us and we have to manage the customers with our individual login mails.

The SAML SSO Login feature unfortunatly requires, that the Customer ID Attribute is implemented by hand into ADFS. Therefore everytime we would like to install/configure a new customer we would have to open a ticket with the ID to our IT department.

I would like to use the SAML SSO feature but maybe with another implementation. Like i.e. redirecting the users form an internal login-authentication-page to Aruba Central with a specific admin user credential.

Has anyone else experienced this login problems and/or maybe can suggest a solution?
Best regards,
Philipp

------------------------------
Philipp
------------------------------

Hi Seitze!

Thanks for the infomration and input! I looked into the SSO guide for ADFS and as far as I understood the individual CI-numbers have to be entered manually into the AD in order to grant access with SAML SSO. 
So therefore, everytime a new customer is created, the CI-number has to be added into the AD.

------------------------------
Philipp Kozinski
------------------------------

Original Message:
Sent: Jan 14, 2022 07:37 AM
From: Sietze Reitsma
Subject: Aruba Central Login, Multiple Users, Multiple Tenants, No MSP

Hi Philipp,

In general I would say that the IAM (Identity Access Management) responsibility within another team is a good thing. Don't forget that RBAC is also part of it. The only thing is that the process should be automated in my opinion. I'm not an ADFS expert, but I'm sure this could be automated.

For SSO you could use other methods like using ClearPass or Ping for SSO, but remember you want to have your identity in one place, preferable with MFA.

https://help.central.arubanetworks.com/2.5.4/documentation/online_help/content/nms/user-mgmt/saml-sso-cppm.htm?Highlight=clearpass%20sso



Original Message:
Sent: Jan 12, 2022 04:10 AM
From: Philipp Kozinski
Subject: Aruba Central Login, Multiple Users, Multiple Tenants, No MSP

Hi Airheads-Community!

I'm trying to resolve an issue with the Aruba Central Login Page. I am working for a Service Provider which has multiple customers within Aruba Central. This customers are managed by a team of Aruba experts.
Unfortunatly due to the strategic orientation, the devices and subscriptions within Aruba Central are in the hands of the specific customer and we are managing and servicing the individual solutions.
Thus the Aruba Central MSP Feature is not applicable for us and we have to manage the customers with our individual login mails.

The SAML SSO Login feature unfortunatly requires, that the Customer ID Attribute is implemented by hand into ADFS. Therefore everytime we would like to install/configure a new customer we would have to open a ticket with the ID to our IT department.

I would like to use the SAML SSO feature but maybe with another implementation. Like i.e. redirecting the users form an internal login-authentication-page to Aruba Central with a specific admin user credential.

Has anyone else experienced this login problems and/or maybe can suggest a solution?
Best regards,
Philipp

------------------------------
Philipp
------------------------------