Security

last person joined: 20 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Failed to get value for attributes=[Role_Name]

This thread has been viewed 15 times

  • 1.  Failed to get value for attributes=[Role_Name]

    Posted Apr 02, 2019 04:26 AM

    hi all,

     

    i have new environment with LDAP as authentication source,

     

    user already can connect to network with user LDAP, get ip, correct dns, and can browsing,

     

    but in access tracker showing "Failed to get value for attributes=[Role_Name]"

     

    anyone have same issue or know how to solve it ?



  • 2.  RE: Failed to get value for attributes=[Role_Name]

    EMPLOYEE
    Posted Apr 02, 2019 04:34 AM

    See if the post here:  https://community.arubanetworks.com/t5/Security/Failed-to-get-value-for-attributes-during-profiling/td-p/206625 answers your question.

     

     



  • 3.  RE: Failed to get value for attributes=[Role_Name]

    Posted Apr 02, 2019 04:42 AM

    dear cjoseph,

     

    i'm already set ip helper in all vlan in controller pointing to ip clearpass,

     

    already enable rfc in controller and enable radius coa in clearpass,

     

    anything else ?



  • 4.  RE: Failed to get value for attributes=[Role_Name]

    EMPLOYEE
    Posted Apr 02, 2019 04:45 AM

    Do the devices with the problem have profiler information in the Endpoints database?  Please read through the rest of the thread to ensure your devices are getting profiled.



  • 5.  RE: Failed to get value for attributes=[Role_Name]

    Posted Apr 02, 2019 04:47 AM

    Dear cjoseph,

     

    yep, its already automated profiled in clearpass

     

    Screenshot (694).png



  • 6.  RE: Failed to get value for attributes=[Role_Name]

    Posted Apr 02, 2019 04:50 AM

    and its not happening with local user clearpass

     

    Screenshot (695).pngScreenshot (696).pngScreenshot (697).png



  • 7.  RE: Failed to get value for attributes=[Role_Name]

    EMPLOYEE
    Posted Apr 03, 2019 02:39 PM

    I believe you have setup service to use this Role name attribute in role evaluation or policy evaluation. Would it be possible to export access tracker and attach here to verify service config?

     

    Regards,

    Pranav 



  • 8.  RE: Failed to get value for attributes=[Role_Name]

    Posted Apr 04, 2019 12:33 AM

    Dear Pdudakia

     

    i'm sorry i didnt have screenshoot of access tracker one of user because i didnt visit the site today,

     

    but i remember authorization atribute of user like this one :

     

    "userDN : uid=suroto, ou=direktoratutama, dc=hutamakarya"

     

    attached screenshoot of role mapping and enforcement mapping

    Screenshot (699).pngScreenshot (700).png



  • 9.  RE: Failed to get value for attributes=[Role_Name]

    Posted Apr 10, 2019 03:22 AM

    anyone sir ?



  • 10.  RE: Failed to get value for attributes=[Role_Name]

    Posted Apr 11, 2019 03:27 AM
      |   view attached

    dear PDudakia,

     

    attached the access tracker detail

    Attachment(s)

    zip
    access tracker detail.zip   9 KB 1 version