Security

 View Only
last person joined: 3 days ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Urgency! Cluster reset-database

This thread has been viewed 35 times
  • 1.  Urgency! Cluster reset-database

    Posted May 12, 2022 09:24 AM
    Hi team,

    Can you guys help to confirm if I use the "cluster reset-database" command, will it cause the license to be lost?
    The problem is an incorrect translation rule causes all users (AD and built-in administrators) to become read-only when they login the Clearpass Guest page. The admin login appears to be turned off, and AD users with admins will match the first role.

    We don't have any solution to this, maybe resetting is the only way...



    ------------------------------
    Hevin Huo
    ------------------------------


  • 2.  RE: Urgency! Cluster reset-database

    Posted May 19, 2022 11:29 AM
    Please work with Aruba Support. Can't you even login as the built-in admin user to /tips/ then use the menu to switch to Guest and fix the translation rules?

    If that does not work, Aruba Support may have the option to reset the Guest Role mapping without a full cluster database reset.

    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: Urgency! Cluster reset-database

    Posted May 23, 2022 08:35 AM
    Had a customer doing this exact same thing. Worked with TAC, but in the end the customer had to do a restore..
    This needs to be a read-only thing where it's not possible to override the default role for super-admin when going to ..

    ------------------------------
    John-Egil Solberg |
    ACMX | ACCX
    ------------------------------