Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass Custom Device Attributes and Portal Page

This thread has been viewed 23 times

  • 1.  ClearPass Custom Device Attributes and Portal Page

    Posted May 23, 2022 08:58 AM
    I am looking into the best way method to allow operator user to add devices ideally through a portal, as well as have a custom mandatory attribute to identify the device which will be used for Role assignment. 

    If I use the endpoint database - this has all the devices seen on the network and doesn't have a dedicated portal

    If I use the guest device repository, its works a lot better but I can figure out how to add custom attributes.

    What is the best way forward - has anybody else done this?

    Thanks
    AP


    ------------------------------
    Andrew Partridge
    ------------------------------


  • 2.  RE: ClearPass Custom Device Attributes and Portal Page

    EMPLOYEE
    Posted May 24, 2022 10:46 AM

    Andrew --

    I would definitely use the guest device repository.  You can then use mac_trac as the web portal for device registraiton.

    To add a custom field there are three steps, in the Configuration section of Guest under Pages/Fields you will create a new field to carry the information you want as well as the formatting for that field (drop down, validation strings, etc.)

    Once you have the field created make a copy of the mac_trac_create and mac_trac_edit pages, go in and add that new field to the form.  The underlying database will now pick up the new field on any new entries.  

    Lastly modify the Operator Login Profile you are using to point to the newly crated mac_trac pages for Create New Device and Edit Device. 

    Oddly enough when referring to the new field in your Role Map or Enforcement Policy in CPPM you'll actually refer to the GuestUser database to find that new field.

    Hope that helps.



    ------------------------------
    Travis Thompson
    ------------------------------

    Original Message


  • 3.  RE: ClearPass Custom Device Attributes and Portal Page

    Posted May 26, 2022 06:33 AM
    This is just what I am looking for, although having tried it this morning, I feel like I am just poking around the interface.

    Is there some documentation on doing this, 

    I have duplicated the forms, 
    I have created a new field call <org>_device
    added new field to forms
    but within the roles I am unable to get the new field as an option.

    I feel like I am missing a step, somewhere.

    ------------------------------
    Andrew Partridge
    ------------------------------

    Original Message


  • 4.  RE: ClearPass Custom Device Attributes and Portal Page

    EMPLOYEE
    Posted May 27, 2022 10:34 AM
    Andrew --

    Form / Field documentation is in the guest user guide.  Relevant chapters are here:  https://www.arubanetworks.com/techdocs/ClearPass/6.10/Guest/Content/Configuration/CustomizingFormsAndViews.htm

    One other thing to look at...  You may need to modify the Dictionary Attributes in CPPM (Administration -> Dictionaries -> Dictionary Attributes) to add the value you want to retrieve as a "GuestUser" object.   The attribute should have the same name as the field you added.  Then use GuestUser as the Type in your Role Mapping.   


    ------------------------------
    Travis Thompson
    ------------------------------

    Original Message