Security

Reply
Highlighted
Occasional Contributor I

User for Insight DB

Hi

 

On several customer installations of ClearPass I have implemented routines to add MAC addresses as devices under ClearPass Guest and created Operator profiles with limited rights to just add specific types of devices. Each device type get a role assigned, as defined under the Operator profile configuration from the list of Guest Roles there I have added the different role mappings.

 

To ba able to use this role in Authorizations I have added a new filter to the Insight Repository source. See https://community.arubanetworks.com/t5/Security/Assigning-roles-to-devices/td-p/234899/page/2 for details.

 

There have never been any issues adding the filter to Insight Repository, but I have lately found that some ClearPass installations generate this error message when I add the filter:

The filter has been saved but has the following error:
Internal database login user must be either appuser or appexternal only

 

On the ClearPass cluster I have seen this issue appadmin have the account to access to insightdb.

 

I don't think this have been changed manually and I can see that more than one of my customers have either appadmin or appexternal for accessing insightdb.

 

Have there been any changes in default configuration over time in ClearPass for this setting?

 

Best Regards

Best Regards
Jonas Hammarbäck | Aranya AB
Network Architect, ACMA, ACMP, ACCP
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: