Hello there,
It is funny how the more you work on somehting and the more you get confused. (probably the lack of sleep helps).
anyway, here is the situation.
On the master controller we linked usernames to a role. (based on the Radius)
We have user A, B , C and a Generic account G
to make it easy , each user get a role with the same name. except G for which we assign role A
When I CLI the local controller, show airgroup user, I can see User A with role A, user B with the role B etc ... and G with role A
Then on clearpass I add a AIrplay server (or Apple TV or whatever). The server uses G account to connect to the network. That said he gets a role A .
If i do a show airgroup server I can see it with the role A
If I do a sh airgroup cppm entries, I still see it as role A
My understanding is that the shared role option on ClearPass Guest (Create Device section) was to filter the access to the device.
Well in my case the goal was to have user A accessing the Airplay (connected as G) and it works , great.
But B and C, with completely different role can airplay the device too ...
Thanks in advance for any input.