Administrator Guide
operator’s provisioned devices. The operator can also define a group of other users who are allowed to share
the operator’s devices.
The AirGroup Operator profile is automatically created in W-ClearPass Guest when the AirGroup Services plugin
is installed. This profile is used to define the AirGroup Operator role. To create an AirGroup Operator, see
"Creating a New Operator" on page 553.
Authenticating AirGroup Users via LDAP
Dell Networking W-ClearPass Guest supports LDAP authentication for administrators and operators. To
provide AirGroup Services to LDAP-authenticated users:
1. Define the LDAP server for AirGroup. See "External Operator Authentication" on page 554.
2. Define the appropriate translation rules to categorize the LDAP users. See "Custom LDAP Translation
Processing" on page 564.
Configuring LDAP User Search for AirGroup
On the AirGroup device registration portal, the Shared Roles and Shared Locations lists allow searching and
selecting from the roles and locations defined in an AirGroup-enabled controller in order to specify the users
with whom an AirGroup device should be shared. This section describes how to configure W-ClearPass Guest to
enable interactive directory-based user search for these AirGroup fields.
LDAP User Search Architecture
The LDAP user search feature has several architectural components, as shown in the following diagram.
User Search Workflow
The workflow for a typical user search operation is:
1. The user of the AirGroup portal starts typing a username. This triggers a dynamic request to W-ClearPass
Guest.
2. W-ClearPass Guest performs a search operation against the configured LDAP server.
Dell Networking W-ClearPass Guest 6.5.0 | User Guide Administration | 443