When you create the Auth source for your AD, you need an AD user account with read-only permission. So you can change the permission for your ClearPass service account from Full to read-only.
------------------------------
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
------------------------------
Original Message:
Sent: Dec 26, 2022 12:14 PM
From: ADul BA
Subject: Service Account in CPPM has full permission
Hi
The service account that I used to bind AD with ClearPass has full permission on the domain
e.g. service account
arubacppm@company.com
and cyber security wants to limit the full permission or delete it,
and that service account is only used with CPPM.
How can I delegate or create a specific permission for that account to only be used for binding AD? Is there any impact?
Any other solutions?
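
Before reducing the account to read-only as the reply suggests, it helps to see where its "full permission" comes from. The following PowerShell is an added example, not part of the thread or of any Aruba tooling. It assumes the rights come from direct or nested membership in built-in privileged groups, that the sAMAccountName is `arubacppm` (taken from the UPN in the question), and that the RSAT ActiveDirectory module is installed. It only reads from the directory.

```powershell
# Added example: read-only audit of a service account's privileged group memberships.
Import-Module ActiveDirectory

# Assumption: sAMAccountName derived from arubacppm@company.com in the question.
$account = 'arubacppm'

# Well-known privileged groups matched by SID so localized group names still match.
# Domain RIDs: 512 Domain Admins, 518 Schema Admins, 519 Enterprise Admins.
# Builtin RIDs: 544 Administrators, 548 Account Operators,
#               549 Server Operators, 551 Backup Operators.
$privilegedSid = '^(S-1-5-21-.+-(512|518|519)|S-1-5-32-(544|548|549|551))$'

$user = Get-ADUser -Identity $account -Properties MemberOf, PrimaryGroup

# Breadth-first walk of memberOf so indirect (nested) admin rights are found too.
# MemberOf does not list the primary group, so it is queued separately.
$seen  = @{}
$queue = New-Object System.Collections.Queue
$user.MemberOf | ForEach-Object { $queue.Enqueue($_) }
if ($user.PrimaryGroup) { $queue.Enqueue($user.PrimaryGroup) }

while ($queue.Count -gt 0) {
    $dn = $queue.Dequeue()
    if ($seen.ContainsKey($dn)) { continue }      # also guards against group loops
    $group = Get-ADGroup -Identity $dn -Properties MemberOf
    $seen[$dn] = $group
    $group.MemberOf | ForEach-Object { $queue.Enqueue($_) }
}

$findings = $seen.Values | Where-Object { $_.SID.Value -match $privilegedSid }

if ($findings) {
    # Each row is a group that grants the account more than directory read access.
    $findings | Sort-Object Name | Select-Object Name, SID, DistinguishedName
} else {
    "No privileged group membership found for $account; check delegated ACLs instead."
}
```

Any group listed is a candidate for removal once you have confirmed in a maintenance window that the ClearPass authentication source still binds and queries successfully with the reduced rights.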