When a factory default Remote Access Point connects to a controller after having connected to Aruba Activate the controller will authenticate the access point against the RAP whitelist, if you have offloaded the Remote Access Point whitelist to ClearPass then ClearPass needs to be configured to both authenticate the Remote Access Point and instruct the controller about which access point group that the wrap is going to use.
This video takes a simple look at configuring a service to authenticate Remote Access Points on a controller and the enforcement profiles required to facilitate AP-Group and AP-Name assignments
(view in My Videos)