Security

Reply
Occasional Contributor II

Error DUR read-only account

Hello,

 

I'm trying to get DUR working on a 2930F switch. I get this error:

dca: 8021X Deauthenticating client 5C260A7BB28C on
port 1, downloaded user role DUR_OMO_MANAGED_1... is not valid as
Invalid cppm username/password.

 

But i know for a fact that the username/password is correct. 

The 2930F are managed by aruba central though. I tried logging in with the credentials on the CPPM and it works. Also there is HTTPS access to the CPPM from the aruba switch. 

 

Anybody else got this problem? I opened a TAC Case. 

 

With kind regards,

 

Martijn

 

 

Re: Error DUR read-only account

Could you share the versions you are using, both on the switch and on ClearPass?

 

Also the switch config snippet would be helpful.

 

Have you followed the instructions in Wired Policy Guide?: https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=28803

Occasional Contributor II

Re: Error DUR read-only account

Seems that the configuration template of aruba central is not forwarding the password of the DUR user. I can’t use cli snip because my OS version of the switch 16.05.

Workaround is to configure alle classes/policies and user roles static on the switch for now. I’m waiting if they find a solution for this.

Met vriendelijke groet,

Martijn Gruijters
Senior Solution Consultant
[Logo_4IP_Solutions_connectivity_RGB_Tagline_150dpi - Copy]

4IP Solutions
Eindhoven ● Amsterdam
Mahatma Gandhilaan 2
5653 ML Eindhoven

t +31 (0)88 428 48 88
m +31 (0)65 185 71 88
e martijn.gruijters@4ip.nl
w www.4ip.nl
[cid:image002.png@01D28CEF.75FAD190][cid:image003.png@01D28CEF.75FAD190]

Re: Error DUR read-only account

Yes, definitely work with TAC.

Do you see any error reported in the Audit Trail of Central related to the template?

Highlighted

Re: Error DUR read-only account

Please add this to all ZTP templates using Clearpass certificate downloads. Adds an "insurance policy" to induce a retry when the initial certificate download fails.

 

crypto ca-download usage clearpass retry <secs>”

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: