Legal Disclaimer: The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.arubanetworks.com for current and complete HPE Aruba Networking product lines and names.
Business Logic for Account Creation
When guest Someone who is permitted to access the enterprise network or Internet through your Network Access Server. Also, as ClearPass Guest, a configurable ClearPass module for secure guest network access management. Access permissions are controlled through an operator profile that can be integrated with an LDAP server or Active Directory login. accounts are created, there are certain rules that must be followed in order to create a valid account. These rules apply to all accounts, regardless of how the account was created.
The business logic rules that control all guest account creation are described below. To see the display name corresponding to a field In a database or a user interface, a single item of information; attribute. name, go to and scroll to the field name. Display names are shown in the column.
For information on customizing fields, see Customizing Fields.
Verification Properties
The following table describes the verification properties fields for guest account creation at
.Basic User Properties
The following table describes the basic user properties fields for guest account creation at
.
Field |
Description |
---|---|
username |
This field is the name for the guest account and may be provided directly. If this field is not specified, then use the email address from the email field, and if that is also not specified, then randomly generate a username (according to the value of the random_username_method and random_username_length fields). |
modify_password |
This field controls password modification for the guest account. It may be set to one of these values: “reset” to randomly generate a new password according to the values of the random_password_method and random_password_length fields “password” to use the password specified in the password field “random_password” to use the password specified in the random_password field If blank or unset, the default password behavior is used, which is to use any available value from the random_password field and the password field, or assume that “reset” was specified otherwise. |
password |
This field is the password for the guest account and may be provided directly. If this field is not specified, then randomly generate a password (according to the values of the random_password_method and random_password_length fields). |
role_id |
This field is the role Type of access being granted. ClearPass lets you define multiple roles. Such roles could include employee, guest, team member, or press. Roles are used for both guest access (user role) and operator access to ClearPass. to assign to the guest account and may be specified directly. If this field is not specified, then determine the role ID from the role_name field. If no valid role ID is able to be determined, the guest account is not created. |
simultaneous_use |
This field determines the maximum number of concurrent sessions allowed for the guest account. If this field is not specified, the default value from the GuestManager configuration is used. |
random_username_method |
The method used to generate a random account username. If not specified, the default value from the GuestManager configuration is used. |
random_username_length |
The length in characters of random account usernames. If not specified, the default value from the GuestManager configuration is used. |
random_password_method |
The method used to generate a random account password. If not specified, the default value from the GuestManager configuration is used. |
random_password_length |
The length in characters of random account passwords. If not specified, the default value from the GuestManager configuration is used. The default password length is six characters. |
Guest Account Activation Properties
The following table describes the guest account activation properties fields for guest account creation at
.Guest Account Expiration Properties
The following table describes the guest account expiration properties fields for guest account creation at
.
Field |
Description |
---|---|
do_expire |
These fields are used to determine the time at which the guest account will expire. If modify_expire_time is “none”, then the account has no expiration time set. If modify_expire_time is “now”, then the account is disabled and has no expiration time set. If modify_expire_time is a value that specifies a relative time change, for example “+1h”, then the guest account’s expiration time is modified accordingly. If modify_expire_time is a value that specifies an absolute time, for example “2010-12-31 17:00”, then the guest account’s expiration time is set to that value. If modify_expire_time is “expire_after” or “expire_time”, then the expiration time is determined according to the expire_after or expire_time fields as explained below. If is set and not zero and the account will be activated immediately, then add the value in hours to the current time to determine the expiration time.If is set and not zero and account activation is set for a future time (schedule_time) instead of the current time, then the expiration time is calculated relative to the activation time instead of the current time.Otherwise, if expire_after is zero, negative or unset, and expire_time has been specified, use that expiration time. If the expire_time specified is in the past, set do_expire to 0 and ignore the specified expiration time. If the expire_timezone field is used in conjunction with expire_time and a time zone and date are selected, the date calculation is adjusted relative to the time zone. Otherwise, if expire_time is not specified, then the expire_time is not set and do_expire will always be set to zero. If the form Interactive page in the application where users can provide or modify data., the default expiration action is 4, Logout and Delete. This can be configured on the Customize Guest Manager page. field is not included in the |
modify_expire_time |
|
expire_after |
|
expire_time |
|
expire_postlogin |
This field determines the amount of time after the initial login for which the guest account will remain valid. If this field is not specified, the default value is 0 (account lifetime not set). |
expire_usage |
This field determines the total amount of login time permitted for the guest account. If this field is not specified, the default value is 0 (account usage is unlimited). |
Other Properties
All other properties specified at creation time are stored with the guest account (for example, email, visitor_name, visitor_company, visitor_phone, sponsor_name as well as any custom fields that have been defined).
Was this information helpful?
Great! Thanks for the feedback
Sorry about that! How can we improve it? Send your comments and suggestions!