Security

Reply
Occasional Contributor II

Clearpass Tacacs+ with aruba controller

Have configured Aruba controller and clearpass for tacacs+

 

I am authentication with clearpass local user repositary and I am able to authenticate perfectly.

 

But I am still able to login into the contoller through its local username and password also.

 

I want the users to login through username and password provided in clearpass local user repositary only.

 

any ideas on how can i stop authenticating admins from logging in through local username.

 

MVP Expert
MVP Expert

Re: Clearpass Tacacs+ with aruba controller

Hi,

 

depends on what you want to achieve.

You can diable local authentiocation totally.

AOS8: Configuration -> System -> Admin page.

 

I prefere to leave built in admin for emergencies. So I do not disable local login.

Password for local admin known by only few employees or somehow put into safe place for emergency.

Delete all other local users.

 

That way you'll see rejected login in CPPM, if someone logs in as "admin". But login still will work, if he knows the secured admin password.

 

Regards, Jö

Please give kudos, if you like my post.
Please Accept as solution, if my post was helpful.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: