Yes, you can add the local user store to the list of authentication sources for your guest operator logins. See an example below which allows users from AD, or local user store in ClearPass, or the admin user store to sign in as operator:
It may be that you can better use the Guest User Repository to store your users rather than the Local User Repository (in the CPPM side of the product) as there are more features in there like more attributes than just a role, account expiration, etc.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your HPE Aruba Networking partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact HPE Aruba Networking TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or HPE Aruba Networking.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Feb 20, 2025 03:17 PM
From: paziselbe@cushing.org
Subject: Clearpass config, swapping RADIUS for local users for BYOD network.
Hi, all.
I have clearpass running authentication with an active directory back-end acting as a radius server.
We have a guest portal for guest use and a BYOD portal, which allows registered users to self authorize BYOD devices (I'm at a residential college prep school, so dorms with both students and teachers in residence, adding TVs, game consoles and the like).
Because of some AD issues, we're looking to migrate our users to a local accounts in the Policy Manager environment. Test users work fine, assign a password, set the right role, and they're good. But the BYOD login page is checking against the RADIUS server for valid credentials.
How can I add the local user account store to the BYOD registration so that non-AD users can authorize devices?
Thanks.