User for Insight DB
11-27-2018 05:44 AM
On several customer installations of ClearPass I have implemented routines to add MAC addresses as devices under ClearPass Guest and created Operator profiles with limited rights to just add specific types of devices. Each device type get a role assigned, as defined under the Operator profile configuration from the list of Guest Roles there I have added the different role mappings.
To ba able to use this role in Authorizations I have added a new filter to the Insight Repository source. See https://community.arubanetworks.com/t5/Security/Assigning-roles-to-devices/td-p/234899/page/2 for details.
There have never been any issues adding the filter to Insight Repository, but I have lately found that some ClearPass installations generate this error message when I add the filter:
The filter has been saved but has the following error:
Internal database login user must be either appuser or appexternal only
On the ClearPass cluster I have seen this issue appadmin have the account to access to insightdb.
I don't think this have been changed manually and I can see that more than one of my customers have either appadmin or appexternal for accessing insightdb.
Have there been any changes in default configuration over time in ClearPass for this setting?
Jonas Hammarbäck | Aranya AB
Network Architect, ACMA, ACMP, ACCP