Security

Reply
Guru Elite

Re: ClearPass administrator with custom privileges

That would be my recommendation. It's always worked for me that way.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Aruba

Re: ClearPass administrator with custom privileges

You need to be carful of the smarty quotes. "" some txt editors change the format and it will error out.
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Contributor II

Re: ClearPass administrator with custom privileges

@cjoseph

 

Thanks for this post, it was a quick and easy way how to create a profile for just EndpointsDB access. This was tied into AD USers / Group, for ease of providing access without giving admin rights. This was used specifically for provisioning phones / RAP's that use MAC Auth. 

 

 

Justin Kwasnik | ACMX# 598 | ACCX# 638
Occasional Contributor II

Re: ClearPass administrator with custom privileges

Ok, I know this is a very old thread, but it seemed to be the right place to ask the question. We want to create a custom profile for the helpdesk to see the live monitor for radius, but NOT for TACACS. I know that we can restrict the "Accounting" tab from them, but the TACACS requests still show up in the live view. Is there a way to restrict this?

 

Thanks!

Frequent Contributor I

Re: ClearPass administrator with custom privileges

I read this thread and I am looking to do this as well but looking for admin priviledges for only read/write of onboarded devices.  I want the role to be able to removed onboarded devices and users from ClearPass Onboard.

 

Do you think you could help me out with this as well?

 

Thank you in advance.

David

Guru Elite

Re: ClearPass administrator with custom privileges

In the operator profile, give the following privs:
- Delete Certificate: Full
- Manage Devices: Full
- Revoke Certificate: Full
- View Certificate: Read-Only

Be sure there is no filter enabled.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor I

Re: ClearPass administrator with custom privileges

Thanks Tim will try this out>>

 

David

Highlighted
New Contributor

Re: ClearPass administrator with custom privileges

cjoseph, we are having the issue where we have created a custom admin account, but the custom admin account (who we need to create non admin accounts) is able to create "super admin" accounts. We only want the custom admin account to be able to create one account type.  Tried adjusting the view and privs but can't seem to figure it out.  Any thoughts?

New Contributor

Re: ClearPass administrator with custom privileges

I want to restric a specific user to be the admin for a specific service only. Is this doable ?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: