Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Local User Database attributes

This thread has been viewed 2 times

  • 1.  Local User Database attributes

    Posted Oct 19, 2019 02:35 AM

    Dear Experts, 

     

    Is it possible to add attribute value of Department in all the users being created in local database and then later use it during the role mapping process? 

     

    like with AD, we can have a role mapping policy like this

     

    authorization:AD1 Department Equals Sales

    Can we do the same for Local User database?



  • 2.  RE: Local User Database attributes

    EMPLOYEE
    Posted Oct 19, 2019 02:38 AM
    yes


  • 3.  RE: Local User Database attributes

    Posted Oct 19, 2019 03:17 AM
    Ok...

    Any idea how to?

    I added the attribute and tried to use it in RM but it was not showing up


  • 4.  RE: Local User Database attributes

    EMPLOYEE
    Posted Oct 19, 2019 03:45 AM
    Did you add the Local User repos as an authorization source?



  • 5.  RE: Local User Database attributes

    Posted Oct 19, 2019 03:51 AM
    It was added as authentication source. Will it be allowed to be added as
    authorization source also?


  • 6.  RE: Local User Database attributes

    EMPLOYEE
    Posted Oct 19, 2019 03:52 AM
    yes


  • 7.  RE: Local User Database attributes

    Posted Oct 19, 2019 03:54 AM
    I dnt think so since it gives the message that its already added as
    authentication source.

    But if u r sure, let me try again


  • 8.  RE: Local User Database attributes

    EMPLOYEE
    Posted Oct 19, 2019 03:54 AM
    Best way to look at is that authentication (authN) is to make sure the account is valid. Authz is to look at the users attributes.


  • 9.  RE: Local User Database attributes
    Best Answer

    EMPLOYEE
    Posted Oct 19, 2019 04:03 AM

    Screen Shot 2019-10-19 at 2.49.19 AM.pngScreen Shot 2019-10-19 at 2.49.25 AM.pngScreen Shot 2019-10-19 at 3.02.30 AM.pngScreen Shot 2019-10-19 at 3.02.36 AM.png



  • 10.  RE: Local User Database attributes

    Posted Oct 23, 2019 01:48 PM

    Thanks Troy, 

     

    I was selecting authorization:local user respository. 

     

    Thanks again



  • 11.  RE: Local User Database attributes

    Posted Oct 19, 2019 03:32 AM

    The user's department and group members will be available as sales roles for evaluation by the enforcement policy.



  • 12.  RE: Local User Database attributes

    Posted Oct 19, 2019 03:35 AM
    I am talking about local user database. Not AD