Security

We have a 4 server clearpass installation and I'd like to change the publisher to one of the current subscribers. Is there a document explaining this process? What is actually involved? Would it cause downtime?

What you could do is setup one of the subscribers as the Standby Publisher
Please read this:
Page 22 (Standby Publisher)
https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=15546 / CPPM TechNote - Clustering Design Guidelines V1
http://www.arubanetworks.com/techdocs/ClearPass/Aruba_DeployGd_HTML/Content/5%20Cluster%20Deployment/Standby_publisher.htm

Make sure that the future Publisher has the same or better resources (Memory , CPU , etc..) of the current publisher .

Thanks, all my servers are the same hardware. 

 

Is there  a way to force a failover without waiting the alloted time and calculations?

You can manually promote the subscriber and all the other nodes will be attached to the new promoted publisher.
- First backup your current config
- Check the release notes or contact TAC to see if there's any known issues with current code about promoting a subscriber to a publisher , I was able to do in the latest code 6.5.5
- Go to Administration > Server Manager > Click on the subscriber and on the top right corner there's an option to promote the subscriber to publisher

In terms of downtime it depends on how much data it needs to sync from all the nodes , I suggest having an 2-3 hours downtime

You may need to contact support to re-activate licenses on the new publisher.