Security

Reply
Highlighted
Moderator

Re: Switch authentication

Can you check in access tracker and on the first Summary tab of the request, does it show that you have the [TACACS Super Admin] role?

 

 



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
Occasional Contributor II

Re: Switch authentication

No. It shows Employee and User Authenticated.

Highlighted
Moderator

Re: Switch authentication

OK, so it sounds like it may be an issue with your authorization source.

 

On the input tab of the request under Authorization, do you see the AD groups listed for that user account?

 

input-authorization.PNG



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
Occasional Contributor II

Re: Switch authentication

I have attached a screen shot of what it shows..

Highlighted
Moderator

Re: Switch authentication

Hm. OK. Just to be sure, is the roll mapping policy selected in the drop down in the service?



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted

Re: Switch authentication

You can select roles from the services tab in the service. You can add new roles as well once you make the roles tab visible. Keep in mind that these roles are internal to clear pass.

Sent from my iPhone
Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos
Highlighted
Occasional Contributor II

Re: Switch authentication

Yes it is. Attached a screen shot as well..

Highlighted
Moderator

Re: Switch authentication

Last screenshot! Can you post the roll mapping policy?



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
Occasional Contributor II

Re: Switch authentication

Here you go..

Highlighted
Moderator

Re: Switch authentication

It looks like you are referencing "Users" which the account isn't a member of. Are you referring to the account's OU? In that case use AD:UserDN CONTAINS Users instead of MemberOf.



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: