Occasional Contributor II

Authenticating with TACACS on the ARUBA CPPM itself.



I am writing a document on how to configure the Aruba CPPM for TACACS on our infrastructure devices - some of which are Aruba devices. We have them working fine in Read Write mode but we are now in a position to start locking down access to devices. On the Aruba CPPM itself we have the following and I wanted to know what the specific option of the Aruba-Admin-Role mean so i can explain it to our Security team:


There is also an Aruba:Common option for the Aruba-Admin-Role for CLI access which has the following values:





Guest Provisioning



I haven't been able to find any documentation on these yet so if someone can point me in the right direction that would be great. Also, is this just for CLI access as we also have the HTTP:class option and I have meanings for the roles for HTTP access.


Kind regards,



Occasional Contributor II

Re: Authenticating with TACACS on the ARUBA CPPM itself.

Typical as soon as I decide I can't find it and drop a message in here I find it:


Role assigned to the user. Predefined roles include:

guest-provisioning: Allows the user to create guest accounts on

a special WebUI page.

location-api-mgmt: Permits access to location API information.

You can log into the CLI; however, you cannot use any CLI


network-operations: Permits access to Monitoring, Reports,

and Events pages in the WebUI. You can log into the CLI;

however, you can only use a subset of CLI commands to

monitor the controller.

read-only: Permits access to CLI show commands or WebUI

monitoring pages only.

root: Permits access to all management functions on the


Search Airheads
Showing results for 
Search instead for 
Did you mean: