W-ClearPass Guest 6.0 Deployment Guide
Page 5
...Setting Up a Root Certificate Authority 82 Setting Up an Intermediate Certificate Authority 84 Obtaining a Certificate for the Certificate Authority 86 Using Microsoft Active Directory Certificate Services 86 Installing a Certificate Authority's Certificate 88 Renewing the Certificate Authority's Certificate 90 Configuring Data Retention Policy for Certificates 90 Uploading ... Revocation Checks and Authorization 109 Configuring Provisioning Settings for iOS and OS X 110 Configuring Instructions for iOS and OS X 111 Dell Networking W-ClearPass Guest 6.0 | Deployment Guide |5
...Setting Up a Root Certificate Authority 82 Setting Up an Intermediate Certificate Authority 84 Obtaining a Certificate for the Certificate Authority 86 Using Microsoft Active Directory Certificate Services 86 Installing a Certificate Authority's Certificate 88 Renewing the Certificate Authority's Certificate 90 Configuring Data Retention Policy for Certificates 90 Uploading ... Revocation Checks and Authorization 109 Configuring Provisioning Settings for iOS and OS X 110 Configuring Instructions for iOS and OS X 111 Dell Networking W-ClearPass Guest 6.0 | Deployment Guide |5
W-ClearPass Guest 6.0 Deployment Guide
Page 15
... on page 23 l "Documentation and User Assistance " on page 24 l "Use of Cookies " on page 25 About Dell Networking W-ClearPass Guest Dell Networking W-ClearPass Guest provides a simple and personalized user interface through which can then be delivered wirelessly using the integrated SMS services. The visitor.... Through a customizable Web portal, your staff can be registered at reception and provisioned with an LDAP server or Active Directory login. You can use the customization features to define settings that defines their visitor profile and the duration of deploying a...
... on page 23 l "Documentation and User Assistance " on page 24 l "Use of Cookies " on page 25 About Dell Networking W-ClearPass Guest Dell Networking W-ClearPass Guest provides a simple and personalized user interface through which can then be delivered wirelessly using the integrated SMS services. The visitor.... Through a customizable Web portal, your staff can be registered at reception and provisioned with an LDAP server or Active Directory login. You can use the customization features to define settings that defines their visitor profile and the duration of deploying a...
W-ClearPass Guest 6.0 Deployment Guide
Page 76
... access the provisioned network. Figure 16 shows a sequence diagram that provisioned the device. Devices Supporting Onboard Provisioning Dell Networking W-ClearPass Onboard supports secure device provisioning for these are collectively referred to the mobile device provisioning page. 2. The Onboard...(TLS) client certificate is to the device during device provisioning. 3. These are typically the user's enterprise credentials from Active Directory. When a BYOD device first joins the provisioning network it with their provisioning credentials - This will have a set of its...
... access the provisioned network. Figure 16 shows a sequence diagram that provisioned the device. Devices Supporting Onboard Provisioning Dell Networking W-ClearPass Onboard supports secure device provisioning for these are collectively referred to the mobile device provisioning page. 2. The Onboard...(TLS) client certificate is to the device during device provisioning. 3. These are typically the user's enterprise credentials from Active Directory. When a BYOD device first joins the provisioning network it with their provisioning credentials - This will have a set of its...
W-ClearPass Guest 6.0 Deployment Guide
Page 86
... Request a Certificate link on page 88. Click the link to the Microsoft Active Directory Certificate Services Web page. Obtaining a Certificate for the Certificate Authority The Intermediate Certificate Request page displays the certificate signing request for the Certificate Authority Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Use this option when you need to obtain a certificate...
... Request a Certificate link on page 88. Click the link to the Microsoft Active Directory Certificate Services Web page. Obtaining a Certificate for the Certificate Authority The Intermediate Certificate Request page displays the certificate signing request for the Certificate Authority Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Use this option when you need to obtain a certificate...
W-ClearPass Guest 6.0 Deployment Guide
Page 87
.... Click the Submit button to submit a request using a base-64-encoded CMC or PKCS #10 file. Figure 20: The Certificate Pending Page Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Using Microsoft Active Directory Certificate Services | 87 The Submit a Certificate Request or Renewal Request page is for a certificate authority, select the "Subordinate Certificate Authority" in...
.... Click the Submit button to submit a request using a base-64-encoded CMC or PKCS #10 file. Figure 20: The Certificate Pending Page Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Using Microsoft Active Directory Certificate Services | 87 The Submit a Certificate Request or Renewal Request page is for a certificate authority, select the "Subordinate Certificate Authority" in...
W-ClearPass Guest 6.0 Deployment Guide
Page 135
...located in the File field. You can reference the file when creating custom HTML templates. Directory structure is most suited to upload. To overwrite a previous file of the content assets in ClearPass Guest: 1. To use a content item, you can use in the Description text area...name, mark the Overwrite check box. 5. Go to upload the file. Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Uploading Content | 135 Upload New Content tab. Go to the file you create the new directory, navigate into any custom HTML editor within the application. In the File ...
...located in the File field. You can reference the file when creating custom HTML templates. Directory structure is most suited to upload. To overwrite a previous file of the content assets in ClearPass Guest: 1. To use a content item, you can use in the Description text area...name, mark the Overwrite check box. 5. Go to upload the file. Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Uploading Content | 135 Upload New Content tab. Go to the file you create the new directory, navigate into any custom HTML editor within the application. In the File ...
W-ClearPass Guest 6.0 Deployment Guide
Page 136
... confirm the deletion. 4. The item is placed in the public directory on the Web server. The file is displayed below its row in the list. The Quick View link is not available for all content types. 136 | Additional Content Actions Dell Networking W-ClearPass Guest 6.0 | Deployment Guide After you to view and edit the...
... confirm the deletion. 4. The item is placed in the public directory on the Web server. The file is displayed below its row in the list. The Quick View link is not available for all content types. 136 | Additional Content Actions Dell Networking W-ClearPass Guest 6.0 | Deployment Guide After you to view and edit the...
W-ClearPass Guest 6.0 Deployment Guide
Page 241
... network, manage guests, or run reports. About Operator Logins Dell Networking W-ClearPass Guest supports role-based access control through the use of the user interface. Accessing Operator Logins To access Dell Networking W-ClearPass Guest's operator login features, click the Administration link in an LDAP directory server. Different operators may have different roles that the operator...
... network, manage guests, or run reports. About Operator Logins Dell Networking W-ClearPass Guest supports role-based access control through the use of the user interface. Accessing Operator Logins To access Dell Networking W-ClearPass Guest's operator login features, click the Administration link in an LDAP directory server. Different operators may have different roles that the operator...
W-ClearPass Guest 6.0 Deployment Guide
Page 242
... operators and operators who are described in more detail below. 242 | Role-Based Access Control for Multiple Operator Profiles Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Role-Based Access Control for Multiple Operator Profiles Using the operator profile editor, the forms and...different forms and views for a specific operator profile, which are defined externally in your company's directory server. These customized settings will take when using Dell Networking WClearPass Guest. Operator Profiles An operator profile determines what actions an operator is displayed. ...
... operators and operators who are described in more detail below. 242 | Role-Based Access Control for Multiple Operator Profiles Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Role-Based Access Control for Multiple Operator Profiles Using the operator profile editor, the forms and...different forms and views for a specific operator profile, which are defined externally in your company's directory server. These customized settings will take when using Dell Networking WClearPass Guest. Operator Profiles An operator profile determines what actions an operator is displayed. ...
W-ClearPass Guest 6.0 Deployment Guide
Page 248
...254. 7. Create a translation rule to map the CPPM role name to the ClearPass Guest operator profile: In ClearPass Guest, go to set up operator logins integrated with a Microsoft Active Directory domain or another LDAP server. Edit the fields appropriately to match the CPPM ...when the AirGroup Services plugin is installed. 2. Create an operator profile in your company's directory server form the second type of the operator is supported. 248 | Creating a New Operator Dell Networking W-ClearPass Guest 6.0 | Deployment Guide In the Translation Rules list, choose the profile, then click...
...254. 7. Create a translation rule to map the CPPM role name to the ClearPass Guest operator profile: In ClearPass Guest, go to set up operator logins integrated with a Microsoft Active Directory domain or another LDAP server. Edit the fields appropriately to match the CPPM ...when the AirGroup Services plugin is installed. 2. Create an operator profile in your company's directory server form the second type of the operator is supported. 248 | Creating a New Operator Dell Networking W-ClearPass Guest 6.0 | Deployment Guide In the Translation Rules list, choose the profile, then click...
W-ClearPass Guest 6.0 Deployment Guide
Page 249
...to Administration > Operator Logins > Servers, then click the Create new LDAP server link in defaults for Microsoft Active Directory servers, POSIX-compliant directory servers, and RADIUS servers. To specify a basic LDAP server connection (hostname and optional port number), use . Click... the rules defined in order of the form ldap://hostname/ or ldap://hostname:port/. Manage LDAP Operator Authentication Servers Dell Networking W-ClearPass Guest supports a flexible authentication mechanism that can authenticate the operator's identity (typically with a username and password), the...
...to Administration > Operator Logins > Servers, then click the Create new LDAP server link in defaults for Microsoft Active Directory servers, POSIX-compliant directory servers, and RADIUS servers. To specify a basic LDAP server connection (hostname and optional port number), use . Click... the rules defined in order of the form ldap://hostname/ or ldap://hostname:port/. Manage LDAP Operator Authentication Servers Dell Networking W-ClearPass Guest supports a flexible authentication mechanism that can authenticate the operator's identity (typically with a username and password), the...
W-ClearPass Guest 6.0 Deployment Guide
Page 250
...must supply the required credentials to bind to the directory. (Leave this LDAP server. l Shared Secret: The shared secret for emails on the LDAP server. Use the Plugin Manager to the LDAP server. If the 250 | Creating an LDAP Server Dell Networking W-ClearPass Guest 6.0 | Deployment Guide l Bind Password: The... binding to the LDAP server, or empty for an anonymous bind. Table 21: Server Type Parameters Server Type Required Configuration Parameters Microsoft Active Directory l Server URL: The URL of the LDAP server l Bind DN: The password to use when binding to the LDAP server, or ...
...must supply the required credentials to bind to the directory. (Leave this LDAP server. l Shared Secret: The shared secret for emails on the LDAP server. Use the Plugin Manager to the LDAP server. If the 250 | Creating an LDAP Server Dell Networking W-ClearPass Guest 6.0 | Deployment Guide l Bind Password: The... binding to the LDAP server, or empty for an anonymous bind. Table 21: Server Type Parameters Server Type Required Configuration Parameters Microsoft Active Directory l Server URL: The URL of the LDAP server l Bind DN: The password to use when binding to the LDAP server, or ...
W-ClearPass Guest 6.0 Deployment Guide
Page 251
...information about common error messages and troubleshooting steps to RFC 2255 for further details. To specify a different organizational unit within the directory, include a distinguished name in the LDAP server list on the selected server: l Edit-Opens the Server Configuration form, where...format ldap://host:port/dn?attributes?scope?filter?extensions. Refer to diagnose the problem. l Enable-Reenables a disabled LDAP server. Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Advanced LDAP URL Syntax | 251 authentication is successful, the operator profile assigned to save this ...
...information about common error messages and troubleshooting steps to RFC 2255 for further details. To specify a different organizational unit within the directory, include a distinguished name in the LDAP server list on the selected server: l Edit-Opens the Server Configuration form, where...format ldap://host:port/dn?attributes?scope?filter?extensions. Refer to diagnose the problem. l Enable-Reenables a disabled LDAP server. Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Advanced LDAP URL Syntax | 251 authentication is successful, the operator profile assigned to save this ...
W-ClearPass Guest 6.0 Deployment Guide
Page 253
... 533 Account is added above the server names to the LDAP servers list. 2. The Authentication Test area is disabled Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Looking Up Sponsor Names | 253 Click Search Directory to attempt to find sponsor names that match the lookup values, or click Cancel to display detailed authorization information for...
... 533 Account is added above the server names to the LDAP servers list. 2. The Authentication Test area is disabled Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Looking Up Sponsor Names | 253 Click Search Directory to attempt to find sponsor names that match the lookup values, or click Cancel to display detailed authorization information for...
W-ClearPass Guest 6.0 Deployment Guide
Page 254
... correct LDAP version - LDAP Translation Rules LDAP translation rules specify how to determine operator profiles based on the structure of your directory, and is locked Other items to consider when troubleshooting LDAP connection problems: l Verify that the user is correct - The Edit Translation... Rule form opens. 2. l Verify that the Bind DN is an administrator, hence the name MatchAdmin. 254 | LDAP Translation Rules Dell Networking W-ClearPass Guest 6.0 | Deployment Guide To create a new LDAP translation rule: 1. In the example above, the translation rule is to check that...
... correct LDAP version - LDAP Translation Rules LDAP translation rules specify how to determine operator profiles based on the structure of your directory, and is locked Other items to consider when troubleshooting LDAP connection problems: l Verify that the user is correct - The Edit Translation... Rule form opens. 2. l Verify that the Bind DN is an administrator, hence the name MatchAdmin. 254 | LDAP Translation Rules Dell Networking W-ClearPass Guest 6.0 | Deployment Guide To create a new LDAP translation rule: 1. In the example above, the translation rule is to check that...
W-ClearPass Guest 6.0 Deployment Guide
Page 255
... match at end of string n ends with - Your options here are to a specific operator field. n Assign custom value to enter your directory. 9. If you have created it . 4. always matches n contains - case-insensitive substring match at start of string 5. n Apply custom...template that may perform custom processing on equality n does not equal - case-insensitive string comparison, matches on the LDAP operator. Dell Networking W-ClearPass Guest 6.0 | Deployment Guide LDAP Translation Rules | 255 3. Select the Enabled check box to enter your rule settings. The ...
... match at end of string n ends with - Your options here are to a specific operator field. n Assign custom value to enter your directory. 9. If you have created it . 4. always matches n contains - case-insensitive substring match at start of string 5. n Apply custom...template that may perform custom processing on equality n does not equal - case-insensitive string comparison, matches on the LDAP operator. Dell Networking W-ClearPass Guest 6.0 | Deployment Guide LDAP Translation Rules | 255 3. Select the Enabled check box to enter your rule settings. The ...
W-ClearPass Guest 6.0 Deployment Guide
Page 308
DN See distinguished name. field Single item of information about users and other objects in a directory. LDAP Lightweight Directory Access Protocol; When a user connects to the NAS device, a RADIUS user authentication request (Access-Request) is the primary name ...Operating system from Apple, Inc. communications protocol used to determine the current status of keys and certificates (PKCS#12). 308 | Glossary Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Protocol used to store and retrieve information about a visitor account. operator/operator login Person who uses...
DN See distinguished name. field Single item of information about users and other objects in a directory. LDAP Lightweight Directory Access Protocol; When a user connects to the NAS device, a RADIUS user authentication request (Access-Request) is the primary name ...Operating system from Apple, Inc. communications protocol used to determine the current status of keys and certificates (PKCS#12). 308 | Glossary Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Protocol used to store and retrieve information about a visitor account. operator/operator login Person who uses...
W-ClearPass Guest 6.0 Deployment Guide
Page 311
...control, print templates 197 account filters, creating 244 accounting 18, 20 accounts passwords, multiple 177 visitor account 21 Active Directory LDAP authentication 249 active sessions 59-60 administration 219, 236 plugin management 224 Administration module 219 AirGroup authenticating users via ...notifications 220 personal devices 55 registering devices 53 shared locations 53 shared roles 54 tag=value pair 53 alerts, SMS 63 Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Index application log 237 filtering 238 searching 237 viewing 237 applications, installing 78 authentication 18, ...
...control, print templates 197 account filters, creating 244 accounting 18, 20 accounts passwords, multiple 177 visitor account 21 Active Directory LDAP authentication 249 active sessions 59-60 administration 219, 236 plugin management 224 Administration module 219 AirGroup authenticating users via ...notifications 220 personal devices 55 registering devices 53 shared locations 53 shared roles 54 tag=value pair 53 alerts, SMS 63 Dell Networking W-ClearPass Guest 6.0 | Deployment Guide Index application log 237 filtering 238 searching 237 viewing 237 applications, installing 78 authentication 18, ...
W-ClearPass Policy Manager 6.0 Quick Start Guide
Page 14
... Sources (Select drop-down list): [Local User Repository] [Local SQL DB] [Guest User Repository] [Local SQL DB] 14 Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide In this example, the authentication and authorization source are associated with fourteen preconfigured Services. n ...within your existing enterprise. Table 2: Configure Authentication Navigation and Settings Navigation Settings Select an Authentication Method and an Active Directory server (that you select a Service that are one of this Use Case, accept the preconfigured Service Categorization Rules...
... Sources (Select drop-down list): [Local User Repository] [Local SQL DB] [Guest User Repository] [Local SQL DB] 14 Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide In this example, the authentication and authorization source are associated with fourteen preconfigured Services. n ...within your existing enterprise. Table 2: Configure Authentication Navigation and Settings Navigation Settings Select an Authentication Method and an Active Directory server (that you select a Service that are one of this Use Case, accept the preconfigured Service Categorization Rules...
W-ClearPass Policy Manager 6.0 Quick Start Guide
Page 15
...Endpoints Repository] [Local SQL DB] [Onboard Devices Repository] [Local SQL DB] > [Admin User Repository] [Local SQL DB] > AmigoPod AD [Active Directory> l Add > l Upon completion, Next (to configure Authorization) The following field deserves special mention: n Strip Username Rules: Optionally, check here to pre...-process the user name (to remove prefixes and suffixes) before sending it maps: Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide 15 Click the Next button. In this Use Case, create the role mapping policy ...
...Endpoints Repository] [Local SQL DB] [Onboard Devices Repository] [Local SQL DB] > [Admin User Repository] [Local SQL DB] > AmigoPod AD [Active Directory> l Add > l Upon completion, Next (to configure Authorization) The following field deserves special mention: n Strip Username Rules: Optionally, check here to pre...-process the user name (to remove prefixes and suffixes) before sending it maps: Dell Networking W-ClearPass Policy Manager 6.0 | Quick Start Guide 15 Click the Next button. In this Use Case, create the role mapping policy ...