Policy Manager Admin Access Service Template

This template is designed for services that authenticate users against Active Directory Microsoft Active Directory. The directory server that stores information about a variety of things, such as organizations, sites, systems, users, shares, and other network objects or components. It also provides authentication and authorization mechanisms, and a framework within which related services can be deployed.. Use Active Directory Microsoft Active Directory. The directory server that stores information about a variety of things, such as organizations, sites, systems, users, shares, and other network objects or components. It also provides authentication and authorization mechanisms, and a framework within which related services can be deployed. attributes to determine appropriate privilege levels for ClearPass Policy Manager admin access.

To access the Policy Manager Admin Access service template:

1. Navigate to Configuration > Service Templates & Wizards.

2. From the Service Templates & Wizards page, select Policy Manager Admin Access. The Service Templates - Policy Manager Admin Access page opens to the General tab.

Figure 1  Policy Manager Admin Access Service Template

Specify the Policy Manager Admin Access service template parameters as described in the following table:

Table 1: Policy Manager Admin Access Service Template Parameters

Parameter

Action/Description

General

Select Prefix

Select a prefix from the existing list of prefixes.

This populates the preconfigured information in the Authentication and Role Mapping sections. The Name Prefix field is not editable.

Name Prefix

Enter a prefix that you want to append to services using this template. Use this to identify services that use templates.

Authentication: Create an Active Directory Microsoft Active Directory. The directory server that stores information about a variety of things, such as organizations, sites, systems, users, shares, and other network objects or components. It also provides authentication and authorization mechanisms, and a framework within which related services can be deployed. Authentication Source

Select Authentication Source

Select an authentication source from the list.

The information updated in the Authentication and Role Mapping tabs are auto-populated.

Active Directory Microsoft Active Directory. The directory server that stores information about a variety of things, such as organizations, sites, systems, users, shares, and other network objects or components. It also provides authentication and authorization mechanisms, and a framework within which related services can be deployed. Name

Enter the hostname or the IP address of the Active Directory Microsoft Active Directory. The directory server that stores information about a variety of things, such as organizations, sites, systems, users, shares, and other network objects or components. It also provides authentication and authorization mechanisms, and a framework within which related services can be deployed. server. This field is mandatory.

Description

Enter a description that helps to identify the characteristics of this template. This field is mandatory.

Server

Enter the hostname or the IP address of the Active Directory Microsoft Active Directory. The directory server that stores information about a variety of things, such as organizations, sites, systems, users, shares, and other network objects or components. It also provides authentication and authorization mechanisms, and a framework within which related services can be deployed. server. This field is mandatory.

Port

Enter the TCP Transmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data. port where the server is listening for a connection. This field is mandatory.

Identity

Enter the Distinguished Name (DN Distinguished Name. A series of fields in a digital certificate that, taken together, constitute the unique identity of the person or device that owns the digital certificate. Common fields in a DN include country, state, locality, organization, organizational unit, and the “common name”, which is the primary name used to identify the certificate.) of the administrator account. This field is mandatory.

Password

Enter the account password. This field is mandatory.

NetBIOS Network Basic Input/Output System. A program that lets applications on different computers communicate within a LAN.

Enter the server Active Directory Microsoft Active Directory. The directory server that stores information about a variety of things, such as organizations, sites, systems, users, shares, and other network objects or components. It also provides authentication and authorization mechanisms, and a framework within which related services can be deployed. domain name. This field is mandatory.

Base DN Distinguished Name. A series of fields in a digital certificate that, taken together, constitute the unique identity of the person or device that owns the digital certificate. Common fields in a DN include country, state, locality, organization, organizational unit, and the “common name”, which is the primary name used to identify the certificate.

Enter the DN Distinguished Name. A series of fields in a digital certificate that, taken together, constitute the unique identity of the person or device that owns the digital certificate. Common fields in a DN include country, state, locality, organization, organizational unit, and the “common name”, which is the primary name used to identify the certificate. of the administrator account. This field is mandatory.

Role Mapping

Attribute Name

Select the Active Directory Microsoft Active Directory. The directory server that stores information about a variety of things, such as organizations, sites, systems, users, shares, and other network objects or components. It also provides authentication and authorization mechanisms, and a framework within which related services can be deployed. attribute.

Super Admin Condition

Defines the various privilege levels.

Read Only Admin Condition

Help Desk Condition