Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass XML TagDictionaries

This thread has been viewed 1 times

  • 1.  Clearpass XML TagDictionaries

    Posted Aug 19, 2016 09:19 AM

    Hi,

     

    I have two Clearpass servers from which I need to get endpoint data via XML. But there is a difference in the TagDictionaries between the two servers. On one, the TagDictionaries contains 6 entries:

    -<TagDictionaries>

<TagDictionary entityName="Endpoint" attributeName="Email" dataType="String" mandatory="false" allowMultiple="false"/>

<TagDictionary entityName="Endpoint" attributeName="Sponsor Name" dataType="String" mandatory="false" allowMultiple="false"/>

<TagDictionary entityName="Endpoint" attributeName="MAC-Auth Expiry" dataType="Date-Time" mandatory="false" allowMultiple="false"/>

<TagDictionary entityName="Endpoint" attributeName="Guest Role ID" dataType="String" mandatory="false" allowMultiple="false"/>

<TagDictionary entityName="Endpoint" attributeName="Username" dataType="String" mandatory="false" allowMultiple="false"/>

<TagDictionary entityName="Endpoint" attributeName="Visitor Name" dataType="String" mandatory="false" allowMultiple="false"/>

</TagDictionaries>

    but on the other there are only 3 of the entries present:

    -<TagDictionaries>

<TagDictionary entityName="Endpoint" attributeName="MAC-Auth Expiry" dataType="Date-Time" mandatory="false" allowMultiple="false"/>

<TagDictionary entityName="Endpoint" attributeName="Guest Role ID" dataType="String" mandatory="false" allowMultiple="false"/>

<TagDictionary entityName="Endpoint" attributeName="Username" dataType="String" mandatory="false" allowMultiple="false"/>

</TagDictionaries>

    The entries for Visitor Name, Email and Sponsor Name are missing, and I wonder why?

     

    Both servers are doing Guest Authentication with Mac Caching, but there are a few differences which may or may not be of importance:

     

    Server 1 (with all the tags) is running 6.5.5 while server 2 is running 6.5.6

    Server 1 has High Capacity Guest Mode disabled but server 2 has HCGM enabled

     

    Can anybody shed some light on why the endpoint tag entries are missing from server 2?

     

    Thanks in advance!

     

    Mikael, Denmark



  • 2.  RE: Clearpass XML TagDictionaries

    Posted Aug 22, 2016 11:06 AM

    What query did you use to generate these lists? That would help track this down.



  • 3.  RE: Clearpass XML TagDictionaries

    Posted Aug 22, 2016 11:22 AM

    The query is like this:

     

    https://192.168.110.15/tipsapi/config/read/Endpoint/equals?macAddress=aabbccddeeff

     

    The problem seems to be that Clearpass doesn't put Visitor Name etc. in the Endpoints database on this server and I can't figure out why!? If I run a query directly in the database, the tagValues are not there either.



  • 4.  RE: Clearpass XML TagDictionaries

    Posted Aug 24, 2016 12:20 AM

    It looks like you're doing self-registration on one but not the other. Is that the case?



  • 5.  RE: Clearpass XML TagDictionaries

    Posted Aug 24, 2016 12:55 AM

    No, I am doing Self-registration on both servers. The server, that works fine was setup by our SE, who is now no longer with Aruba. The second server was setup by myself, so it's possible that there is a setting somewhere that I didnt enable.