Security

Reply
MVP
Posts: 1,408
Registered: ‎05-28-2008

Can i configure CPPM guest - to delete expired accounts in a spsefic hour ? (24:00 daily bases)

[ Edited ]

Two questions:

 

*Can i configure CPPM guest - to delete expired accounts in a spsefic hour ? (24:00 daily bases) - please advise.

 

 *Can i configure the CPPM to delete expired account - after 24hours since login

 

Please advise.

 

me

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
MVP
Posts: 1,408
Registered: ‎05-28-2008

Re: Can i configure CPPM guest - to delete expired accounts in a spsefic hour ? (24:00 daily bases)

Capture.PNG

 

I want this expired device to be deleted (in order for the guest be able to login for another 30min) - 24Hrs after beened created&logged in.

 

please advise.

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
MVP
Posts: 4,266
Registered: ‎07-20-2011

Re: Can i configure CPPM guest - to delete expired accounts in a spsefic hour ? (24:00 daily bases)

[ Edited ]

 

Have you tried doing here ? action after expiration: 

 

But I think it may not be supported under 6.0.

 

Define Custom Field – ClearPass Guest – Aruba Networks_2013-06-12_12-02-10.png

 

Aruba_CPGuest_DG_PDF.pdf - Adobe Reader_2013-06-12_12-12-35.png

 

Expiration Relative to Login, and Expiration Action
The expire_postlogin (Lifetime) field is used to specify an expiration time that takes effect after the first
login of a guest account.(#10442)
The do_expire (Expire Action) field is used to specify the action to take when the expiration time
(expire_time) is reached for a guest account. (#10442)

 

 

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
MVP
Posts: 1,408
Registered: ‎05-28-2008

Re: Can i configure CPPM guest - to delete expired accounts in a spsefic hour ? (24:00 daily bases)

Thanks on a gr8 info.

 

Is there importent order i should place thoese options in the form?

 

 

 

BTW: i'am using CPPM evel lic - version number: 6.0.2.46902 - it will work for me? please advise.

 

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
MVP
Posts: 4,266
Registered: ‎07-20-2011

Re: Can i configure CPPM guest - to delete expired accounts in a spsefic hour ? (24:00 daily bases)

 

Unfortunately is not supported under the 6.0.x version according to the 6.1 release notes :

 

ClearPass_6.1_RN.pdf - Adobe Reader_2013-06-12_14-18-38.png

 

_2013-06-12_14-20-47.png

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
MVP
Posts: 1,408
Registered: ‎05-28-2008

Re: Can i configure CPPM guest - to delete expired accounts in a spsefic hour ? (24:00 daily bases)

Ok - thanks on the info  So in 6.0.X  my only solution is to set expiry time to amount needed for each guest,and set the database clear of expired accounts to 24 hours. *That's the only way i can achive + - what my client want*

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
MVP
Posts: 1,408
Registered: ‎05-28-2008

Re: Can i configure CPPM guest - to delete expired accounts in a spsefic hour ? (24:00 daily bases)

[ Edited ]

I still dont see that the CPPM cleaning expired accounts: (I can see that guest account that already expired)

Capture3.PNG

 

 

Capture4.PNG

 

 

even due i set the following confg:

 

Capture.PNG

 

I set "Expired guest account cleanup interval" on 1 day , yesterday afternoon and now it's 00:57...When the cppm will clean up?

 

please advise.

 

Thanks.

 

Me

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
MVP
Posts: 4,266
Registered: ‎07-20-2011

Re: Can i configure CPPM guest - to delete expired accounts in a spsefic hour ? (24:00 daily bases)

 

 

I think those havent been removed because those accounts were used recently : 10 Hrs or 4 Hrs  ...

 

You may have to wait until that account has been expired for 24 hrs since the last time the account was used or considered active/valid.

 

Screen Shot 2013-06-12 at 6.48.09 PM.png

 

 

 

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
MVP
Posts: 1,408
Registered: ‎05-28-2008

Re: Can i configure CPPM guest - to delete expired accounts in a spsefic hour ? (24:00 daily bases)

so....when i configre expire time,and the guest account is expired...the guest will continue to browse/surf...it's not normal...i build all this configuration in CPPM evel in order the guest user to be disconnect and back to the login-page agian at the end of the 1 hour.... so something is missing if i need manauly to disconnect thoes guests...

*****************2Plus Wireless Solutions****************************
Aruba Airheads - Powered By community for empower the community
************ Don't Forget to Kudos + me,If i helped you******************
MVP
Posts: 4,266
Registered: ‎07-20-2011

Re: Can i configure CPPM guest - to delete expired accounts in a spsefic hour ? (24:00 daily bases)

[ Edited ]

 

 

 

After the account expired it shouldn;t be able to continue to browse , unless accounting is not working properly

 

Have you tried manually disconnecting the user from the active guest list ?

 

 

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Search Airheads
Showing results for 
Search instead for 
Did you mean: