Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

How can I find the mappng rule used to assign a role?

This thread has been viewed 1 times

  • 1.  How can I find the mappng rule used to assign a role?

    Posted Jul 31, 2018 09:13 AM

    Is there a simple way to verify what mapping rule was used to assign a role?

     

    We are in the process to modifying some rules but leaving the original rules while testing. We want to know for sure that the new rule was applied instead of the old/original one.

     

     



  • 2.  RE: How can I find the mappng rule used to assign a role?
    Best Answer

    EMPLOYEE
    Posted Jul 31, 2018 09:16 AM
    No, you’d need to evaluate the conditions for the request.


  • 3.  RE: How can I find the mappng rule used to assign a role?

    MVP EXPERT
    Posted Jul 31, 2018 10:31 AM

    The command #show user mac XX might help with the User Role Derivation used.

     

    (Aruba620) #show user mac xx:xx:xx:xx:xx:xx


Name: , IP: 10.10.10.3, MAC: xx:xx:xx:xx:xx:xx, Age: 00:01:13
Role: ssid-authenticated (how: ROLE_DERIVATION_INITIAL_ROLE), ACL: 67/0
Authentication: No, status: not started, method: , protocol: , server:
Role Derivation: ROLE_DERIVATION_INITIAL_ROLE
VLAN Derivation: Default VLAN

     



  • 4.  RE: How can I find the mappng rule used to assign a role?

    EMPLOYEE
    Posted Jul 31, 2018 10:41 AM
    Role derivation on the controller has nothing to do with ClearPass role mapping.


  • 5.  RE: How can I find the mappng rule used to assign a role?

    MVP EXPERT
    Posted Jul 31, 2018 10:43 AM

    @