When a new device connects, we put them into a needs_profiling role that only allows DHCP so they can get profiled, then send a CoA. This works for a lot of devices, but doesn't work for many others. Because of this we often end up with devices that get stuck in the needs_profiling role.
Is there a way to detect when a device has been in a role for x minutes and then execute an action on that device? We already have the CLI commands configured that we could trigger on these clients, I just can't work out the first part.