Security

 View Only
last person joined: 16 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass & Microsoft Entra ID LDAP integration

This thread has been viewed 18 times

  • 1.  Clearpass & Microsoft Entra ID LDAP integration

    Posted Mar 18, 2024 07:05 AM

    Hi All,

    Here is my setup

    User/Guest <-> AP <-> Aruba-Central <-> O365 LDAP.

    Problem:

    Clearpass integration is done with Microsoft Entra ID LDAP, and Guest page is also created. However, When I do Sponsor login to authenticate Guest registration it is failing.

    Connection test is Successfull

    Summary page:

    Logs:

    Not sure why request is going to Local server- where it is suppose to go to AD. Plz help



    ------------------------------
    Thanks,
    Ashwin
    ------------------------------


  • 2.  RE: Clearpass & Microsoft Entra ID LDAP integration

    Posted Mar 18, 2024 12:54 PM

    Have you completed the Identity > SSO SP Configuration? 

    Enabled SSO for Guest Operators?

    And Created an Azure based Aruba Application Authorization Service? 



    ------------------------------
    If my post was useful, please Accept Solution and Give Kudos.
    ------------------------------
    Zak Chalupka
    Principal Engineer - HPE Aruba
    ACDX | ACMP | ACSP | ACCP
    wifizak@hpe.com
    ------------------------------
    Ideas expressed here are solely my own and not necessarily that of HPE Aruba.
    ------------------------------

    Original Message


  • 3.  RE: Clearpass & Microsoft Entra ID LDAP integration

    EMPLOYEE
    Posted Mar 19, 2024 06:15 AM

    The Entra ID (previously Azure AD) Auth Source is only used for Authorization. It's also not LDAP based, but Graph-API.

    For Operator Login, SSO needs to be configured with Entra ID, as Zak mentioned.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------

    Original Message