Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Clearpass 6.3.1 how to set a default expiry for a MACTrac device?

  • 1.  Clearpass 6.3.1 how to set a default expiry for a MACTrac device?

    Posted Apr 07, 2014 10:48 AM

    Hello,

    I have configured my Clearpass guest to log in our users as MACTrac operators; they are able to log in and create a new device using its MAC.

     

    However, it gives them no expiry. I work at a school campus and would like to set a default expiration time on user created devices. This way, we can go through and clear out expired devices at an interval we determine appropriate. 

     

    As an Admin I know I could change the expiration manually, which is what I would intend to do for special circumstances, but I don't want to have to go in behind each person and set an expiration. 

     

    In the fields and views I see where the text for the expiration is displayed, but I haven't found a location to set a default. In the manual I notice it consistently says that there is no expiry for these devices. I really hope there is a way to change that default. 



  • 2.  RE: Clearpass 6.3.1 how to set a default expiry for a MACTrac device?
    Best Answer

    EMPLOYEE
    Posted Apr 07, 2014 10:53 AM

    You can duplicate the default form, set an initial value for the expire_time field and then hide the field from the form.

     

     

    modify-expire.PNG



  • 3.  RE: Clearpass 6.3.1 how to set a default expiry for a MACTrac device?

    Posted Apr 07, 2014 11:10 AM

    Ah, that's a clever way to accomplish this. Thanks!



  • 4.  RE: Clearpass 6.3.1 how to set a default expiry for a MACTrac device?

    Posted Apr 08, 2014 12:23 PM

    So I had to unhide the interface to see if I saw what the issue is. I am drawing a blank. 

     

    When attempting to create a new device with expiration set, I get "Parameter must be an integer"  if I have Expire_Time field added into the form. I figure it has to be a validation parameter of some sort, but I am honestly not sure where this error is coming from.

     

    I can remove it from the form and everything works just dandy. 

     

    guest1.JPG

     

    guest2.JPG

     

    guest3.JPG

     

    EDIT: This same error happens even when I remove the 1y initial value. 



  • 5.  RE: Clearpass 6.3.1 how to set a default expiry for a MACTrac device?

    Posted Apr 08, 2014 12:36 PM

    Sorry to double post. I have figured out my issue I believe. I will update this post once I test.

     

    Figured out that my expire_time is by default an Int. I created a copy of it and will change the data type to see if I get better results.

     

     

    Setting my expire_time to a string or no data type, I get the following error in place of the integer error.

     

     

    Policy definition error: unknown value_format ''       


  • 6.  RE: Clearpass 6.3.1 how to set a default expiry for a MACTrac device?

    Posted Apr 07, 2014 06:37 PM
    Looking to do the same thing. How do I set this value for less than one hour? (i.e. 30 min)


  • 7.  RE: Clearpass 6.3.1 how to set a default expiry for a MACTrac device?

    Posted Jul 21, 2014 03:21 PM

    I seem to have a similar issue with my expiration time. In my case the expiration field is populated with a static entry from the past. When I try to create the new device I get the error "The expiration time occurs prior to the activation time". I tried following the previously given instructions to no avail. Any ideas where I'm going wrong?

     

     

    Mac_create_with_expire_time.JPG

     

     

    expire_time_field.JPG



  • 8.  RE: Clearpass 6.3.1 how to set a default expiry for a MACTrac device?

    Posted Aug 21, 2014 11:02 AM

    So the issue here is that you're using the field "expire_time", which expects an integer-based time/date stamp. Instead, use the "expire_after" variable and set it to a value you have made valid in "Guest Manager".

     

    Screenshot 2014-08-21 10.49.44.jpg

     

    After creating a valid value for "expire_after", add the field to your form and override the default value and interface type (to hidden).

     

    Screenshot 2014-08-21 10.45.56.jpg

     

     

     Screenshot 2014-08-21 10.46.05.jpg

     

    Check off the box that instructs the form to always submit with initial value:

     

    Screenshot 2014-08-21 11.00.14.jpg

     

    Then test your form and you should get the desired results:

     

    Screenshot 2014-08-21 10.45.46.jpg

     

     Enjoy!