Manualshelf

Deployment Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances
441442443444445446447448449450
446 | Operator Logins DellNetworking W-ClearPass Guest 6.3 | User Guide
3. In the Account Limit field, specify an appropriate value. This is the maximum number of personal devices that an
operator with this profile can create.
4. Click Save Changes.
You can create a set of operator profiles and configure each profile with a different account limit. This makes it easy to
assign operator profiles appropriately for small groups, larger groups, or events. To create each profile in the set,
duplicate the built-in AirGroup Operator profile, and update the Account Limit field in the new profile.
Local Operator Authentication
W-ClearPass Policy Manager profiles and W-ClearPass Guest profiles are different. To create a W-ClearPass Guest
operator login, local users are first defined in W-ClearPass Policy Manager with a role that matches an operator profile
in Guest, then rules are used to map the role to the Guest operator profile.
Creating a New Operator
To create a new operator or administrator for W-ClearPass Guest or AirGroup, some steps are performed in W-ClearPass
Policy Manager (CPPM), and some steps are performed in W-ClearPass Guest, as described below:
1. Create an operator profile in ClearPass Guest, or use an existing one. See "Operator Profiles" on page 440.
l To create an AirGroup user, choose either the AirGroup Administrator or AirGroup Operator profile, as
appropriate. These profiles are automatically included in ClearPass Guest when the AirGroup Services plugin is
installed.
l MACTrac users are created entirely in CPPM.
2. Create a CPPM role for the operator: In CPPM, go to Configuration > Identity > Roles and create a role that
matches the operator profile. Refer to the ClearPass Policy Manager documentation for information on creating the
role.
l When creating AirGroup users or MACTrac users, the appropriate roles are already created in CPPM.
3. Create a local user for the operator: In CPPM, go to Configuration > Identity > Local Users and click Add User.
In the Add Local User form, complete the fields and choose the appropriate role from the Role drop-down list.
l To create an AirGroup user, choose either the AirGroup Administrator or AirGroup Operator role, as
appropriate.
l To create a MACTrac user, choose the MACTrac Operator role. This form completes MACTrac user creation;
the following steps are not required.
4. Create a translation rule to map the CPPM role name to the ClearPass Guest operator profile: In ClearPass Guest, go
to Administration > Operator Logins > Translation Rules.
5. In the Translation Rules list, choose the profile, then click its Edit link.
6. Edit the fields appropriately to match the CPPM role name to the ClearPass Guest operator profile. See "LDAP
Translation Rules" on page 452.
7. Click Save Changes.