Security

 View Only
Expand all | Collapse all

Service Account in CPPM has full permission

This thread has been viewed 7 times
  • 1.  Service Account in CPPM has full permission

    Posted Dec 26, 2022 12:15 PM
    Hi
    the service account that i used  it to bind AD with ClearPass has full permission on the domain 

    ex. Service account 
    arubacppm@company.com

    and the cyber security wants to limit the full permission or delete it 

    and that Service account is only used with Cppm 

    how can i delicate or create a specific permission for that account to only be used for binding AD? is there any impact 

    any other solutions?


  • 2.  RE: Service Account in CPPM has full permission

    Posted Dec 26, 2022 05:46 PM
    when you create the Auth source for your AD, you need an AD user account with read-only  permission.  So you can change the permission for your clearpass service account from Full. to read-only.

    ------------------------------
    If my post was useful accept solution and/or give kudos.
    Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
    ------------------------------