- last edited on by
Anusha_Vemula
In Cloudpath we have an 'internal user database' this can be used for Demos and even a POC. It does provide you with the ability to save local credentials and also assign group membership to them. The group membership comes in VERY handy when you are doing things like SPLITs in a workflow.
Let’s configure a LOCAL server for DEMOING:
• Click on Configuration
• Click on Authentication Servers
• Scroll down to “Use Onboard Database”
(you can deselect “Include Admin Accounts” if you would prefer to NOT allow these users to log into Cloudpath as a local administrator.
• Click on Save at the top
In the authentication server list, you will now see “Onboard Database …. DB”
Let’s create some users! In this example, I am going to stick with a campus environment. We will have two types of users, Students and Faculty.
• Click the Disclosure Triangle beside “Server 1” to expand the menu:
• Click on the Button “Add User”
• Fill out the information, as you can see, you can add Group membership here! We will use this in our workflow. I have created a single user as a “student”
• Click on Save
Let’s create the Faculty member:
• Open the server disclosure triangle again
• Click on Add User
• Enter in the group “faculty” for this user:
• Click on Save
Workflow:
In the workflow, add an authentication server. In our workflow, I am going to insert a step after Step 1 to “Authenticate to a traditional authentication server”
• Add the “Authenticate to a traditional authentication server” after Step 1
• Select “Reuse an existing Authentication server” and select your internal DB:
• Click on Next
• Edit the Credential prompt screen to your liking, I will leave this as the default.
• Click on Save
Workflow so far:
Add a split! In this step, we will automatically select a split in the workflow for the end user based on group membership. I will create a split and a filter for “student” and “faculty”
• Insert a step after Step 2
• Select “Split users into different branches”
• Select “Use a new split.”
• Click Next
• Enter in a display name and two options, one for student and one for faculty:
• Click on Save
• Your workflow should appear similar to this:
• Click the blue pencil beside the word “students”
• Open up “Filters & Restrictions”
• In the field “Group Name Pattern:” enter in Student
• Click on Save
• In the workflow, you will see that there is a filter button beside students now, if you hover over it, you will see that if the condition is matched, the end user will automatically be put into that part of the workflow!
• Do the same for “Faculty” in the split, but obviously use the Group Name Pattern “faculty” in that split.
• Now, the rest of the workflow is up to you. If you want Students to get a EAP-TLS certificate with a Student template or get a DPSK from a pool create that in the workflow, for Faculty, this can be a completely different experience.
• In my example, I am just providing a message stating either Student or Faculty, so when I test this, I can immediately see the result!
Let’s try it!
• Publish your workflow!
• Click on the URL to start onboarding
• Results of the student onboarding:
• Results of the faculty onboarding:
Success!
