Security

Reply
Occasional Contributor II

Re: Configuring management authentication for ClearPass against AD

Hi Cappali, 

 

All AD users are able to access the Clear pass using their AD logins. Is it possible to only give access to Admin group? 

 

Thanks 

 

Occasional Contributor II

Re: Configuring management authentication for ClearPass against AD

Hi Cappali, 

 

Any help re my last reply will be appreciated. 

 

Thanks 

Guru Elite

Re: Configuring management authentication for ClearPass against AD

Guru Elite

Re: Configuring management authentication for ClearPass against AD

To be clear, the configuration that prevents anyone from logging in is the Tacacs Deny Profile here:  tacacs-deny.png


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: Configuring management authentication for ClearPass against AD

Hi Cjoseph, 

 

Thanks for your reply. I have used the same article to configure the managment access for CPPM through AD. The problem is when I change the Defaault role to Guest or other as mentioned in the article none of the users from AD are able to login and I need the Admin users to be able to login.

 

I have also added the role to allow Admin users access but no luck. The only time it works when I change the default role to Read-only or super-admin but it allows all AD users same priviledges. 

 

Thanks 

Guru Elite

Re: Configuring management authentication for ClearPass against AD

That probably means none of your mapping rules are matching.  What does your mapping rule screen look like?

mapping.png


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: Configuring management authentication for ClearPass against AD

Yepp, its looks same as the screen shot which you have privided, only my domain name and AD group is different. 

 

Thanks 

Guru Elite

Re: Configuring management authentication for ClearPass against AD

That can only mean you are not matching anything.  I would open a case with support to check your work.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Occasional Contributor II

Re: Configuring management authentication for ClearPass against AD

 Hi Cjoseph, 

 

I have managed to solve the issue and now I can login to CPPM using AD admin account and normal AD users are not able to login.Please can you help me configuring a service on CPPM so that Aruba controller and Air wave server login through the AD same as CPPM? 

 

Thanks 

 

 

Guru Elite

Re: Configuring management authentication for ClearPass against AD

An article on management authentication of Airwave using ClearPass is in the knowledgebase here:  http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/Airwave-External-Auth-using-CPPM-RADIUS/ta-p/183348

 

An article on management authentication of an Aruba Controller using ClearPass is in the knowledgebase here:  http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-to-authenticate-Management-users-of-Aruba-Controllers-via/ta-p/187358

 

Please search the knowledgebase for answers to any questions.

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.4 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Aruba Central Documentation
Sign up for Security Alerts
Aruba Technical Webinars
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: