In Microsoft Azure:
Directory: Aruba North Sydney
Domain: arubatechs.com
group name: SydneyLab
user: kapildev.erampu@arubatechs.com
kapildev.erampu@arubatechs.com is part of “SydneyLab” group.
The following apps are registered in Azure AD as applications.
Sydney ClearPass
KAPHOMELAB
MYESP_CloudAuth
The Registered Apps, Application (client) ID, Directory (tenant) ID, RegisteredApp_Secret_Value will be used by Central CloudAuth or ClearPass to talk to Azure AD.
“KAP HOME LAB” is my workspace name.
“Summer_Cloudauth” is the SSID name.
But my phone can see both “KAP HOME LAB” and “Summer_Cloudauth”, this is because.,
When an HPE Greenlake workspace name appears as the SSID on a device when Cloud authentication is configured, it’s usually because the underlying network infrastructure, likely an APs or similar system, is set to automatically use the “workspace name” as the SSID, especially if the configuration is not specifically customized to display a different network name for the user interface.
In HPE Aruba Networking Central:
Client Role: Once you are connected to the Identity store, there will be a table that maps user group, client tags and client role.
By default it is deny-all. Set the client role to a valid role.
WLAN: While creating the SSID, In Security, ensure the security level is Enterprise and Primary Server is Cloud Auth.
Also map the SSID name in the WLAN section(WLAN for non-passpoint clients) of the CloudAuth configuration.
You can use the “Onboarding URL” to install the certificates and network profiles into your phone.
Networking & Security 