Security

Reply
Occasional Contributor I

Can't access the PostgreSQL database running in the Clearpass VM

Hi,

I've booted up the Aruba Networks PolicyManager 6.6 VM

I'm trying to setup API guest users and part of the documentation i've received to do this suggests that I login to the DB manually to add the users (strange method, but OK)

I've found that the PostgreSQL server is running on port 5432 of the VM. I've confirmed that using a port scan "5432/tcp open postgresql"

But when I attempt to login using a macOS PostgreSQL client (PSequel), I get the following error: "FATAL: no pg_hba_confg entry for host '192.168.1.100' user 'appuser;, database 'postgres' SSL off"

This error is strange as the IP of my VM is 192.168.1.101 (Could be the issue here?)

Regardless, after Googling, it seems I need to update the pg_hba.conf file upon the box but I can't get bash shell on the VM. I can login to the policy manager but i'm restricted to a handful of commands

Can anybody help me on this one? Is there a better method to add an API user? My *only* task on this project is to add an API user so I can authenticate against http://vm/api/oauth. Nothing else matters. This is
purely to test on a local development environment and no other features of the VM are required 

Thanks in advance,

Guru Elite

Re: Can't access the PostgreSQL database running in the Clearpass VM

You should either upgrade to the latest version of 6.6.X or move to 6.7.

 

The ClearPass REST API does not use external SQL connections. I'm trying to understand what your end goal is. The ClearPass REST API can use a password or client_credential grant. The password grant using existing identity stores to authenticate users/devices.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor I

Re: Can't access the PostgreSQL database running in the Clearpass VM

We have an external system which we want to allow Clearpass users to be able to authenticate on, using their Clearpass credentials. So the only endpoint I need to work with is /api/oauth

I have logged into the Clearpass GUI and created accounts - https://ibb.co/YhBS6yY

I think I have done the work to enable Oauth - https://ibb.co/cNXKxsj

But the following request to /api/oauth returns that the credentials are invalid, although each field value in the requeset body looks correct to me - https://ibb.co/6yYztCk

We have been given a REST setup document which suggests I need to edit the DB manually - https://ibb.co/nw7ws0G

If there's anything you can sugguest, i'd very grateful

Stephen,

Guru Elite

Re: Can't access the PostgreSQL database running in the Clearpass VM

You created Guest accounts, not local user accounts. Use [Guest User Repository] as the auth source.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Highlighted
Occasional Contributor I

Re: Can't access the PostgreSQL database running in the Clearpass VM

I don't appear to have the option to set an auth source in either the OAuth config nor the account config:
  - https://ibb.co/Zg6Nwss
  - https://ibb.co/HgGdtz7

I have found the guest user repository in the Policy Manager but I don't see an option to link it to the guest user auth source - https://ibb.co/wSBdrK5

Guru Elite

Re: Can't access the PostgreSQL database running in the Clearpass VM

In your OAuth 2.0 application service, change the auth source.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor I

Re: Can't access the PostgreSQL database running in the Clearpass VM

I'm not able to find the section you're referencing

Is it within Policy Manager, Gues Management or something else?

 

Occasional Contributor I

Re: Can't access the PostgreSQL database running in the Clearpass VM

I'm not able to find the section you're referencing

Is it within Policy Manager, Guest Management or something else?

 

Guru Elite

Re: Can't access the PostgreSQL database running in the Clearpass VM

Configuration > Services.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor I

Re: Can't access the PostgreSQL database running in the Clearpass VM

I have made the updates I think are required but Oauth authentication still fails:

 

 - https://ibb.co/vPY5wWX
 - https://ibb.co/QQCZ4VG
 - https://ibb.co/KxqyFbH
 - https://ibb.co/93PWPjm

 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: