I am slightly confussed about the airgroup functionality. We have had it running without the clearpass tie in allowing users to just access everything. We would like to starting using the clearpass piece but only somewhat selectivly. For example, if student puts and apple tv in there dorm room i want it to connect and be visible to everyone. But I want the ability to let them register it and then share it with there roomates or soemthing. Basically i want to allow things work as they do now, but give people control if they want it. I was told it does not work this way, but then i found this section of the Airgroup guide which seems to say otherwise.
The AirGroup solution allows users to view all mDNS devices by default.AirGroup provides a set of policy definitions to allow or disallow one of more AirGroup servers from being visible to specific AirGroup users. If an AirGroup server is not registered on a CPPM server, by default, the server will be visible to all AirGroup users. The administrator has to register an AirGroup server to allow or disallow this server from being visible to specific AirGroup users. The following procedure registers an AirGroup server on a CPPM server:
When i enable "AirGroup CPPM enforce registration" all devices disapear from my airplay list. It does not matter if i register and share the device in clearpass or not.
With "AirGroup CPPM enforce registration" disabled, i see every device but the sharing rules in clearpass still dont have any effect.
I worked with an engineer to configure clearpass for this, so its added as a aigroup AAA server and as an RFC 3576 server. I saw log entries for airgroup as soon as i added them in there, so i believe they are talking correctly. so....
1. Can I do what i am trying to do?
2. How do i get it to do that?