Manualshelf

User's Manual

ManualsBrandsDell ManualsComputer equipmentPowerconnect W-ClearPass Hardware Appliances
461462463464465466467468469470
4. Create a translation rule to map the CPPM role name to the W-ClearPass Guest operator profile: In
W-ClearPass Guest, go to Administration > Operator Logins > Translation Rules.
5. In the Translation Rules list, find the profile in the list, look at the Action column to verify the operator
profile assignment, and then click its Edit link. The row expands to include the Edit Translation Rule form.
6. Edit the fields appropriately to match the CPPM role name to the W-ClearPass Guest operator profile. See
"LDAP Translation Rules" on page 472.
7. Click Save Changes.
External Operator Authentication
Operators defined externally in your company’s directory server form the second type of operator.
Authentication of the operator is performed using LDAP directory server operations. The attributes stored for
an authenticated operator are used to determine what operator profile should be used for that user.
At Administration >Operator Logins >Start Here, the Manage Operator Servers and the Translation
Rules commands allow you to set up operator logins integrated with a Microsoft Active Directory domain or
another LDAP server.
The operator management features, such as creating and editing operator logins, apply only to local operator logins
defined in W-ClearPass Guest. You cannot create or edit operator logins using LDAP. Only authentication is
supported.
Manage LDAP Operator Authentication Servers
Dell Networking W-ClearPass Guest supports a flexible authentication mechanism that can be readily adapted
to any LDAP server’s method of authenticating users by name. There are built-in defaults for Microsoft Active
Directory servers and POSIX-compliant directory servers.
When an operator attempts to log in, each LDAP server that is enabled for authentication is checked, in order
of priority from lowest to highest.
When a server is found that can authenticate the operator’s identity (typically with a username and password),
the LDAP server is queried for the attributes associated with the user account.
These LDAP attributes are then translated to operator attributes using the rules defined in the LDAP
translation rules. In particular, an operator profile will be assigned to the authenticated user with this process,
which controls what that user is permitted to do.
Dell Networking W-ClearPass Guest 6.4 | User Guide Operator Logins | 465