02-17-2015 07:10 PM
Thanks everyone. very thanks.
It's almost final-stage. I made external db for MAC sync, external web based manager-tool for monitoring mac address log-using appexternal!- with out CPPM root login. :)
Finally, I need to expire unused mac address automatically. (during 6 month or 1 year)
My scenario is... check 'last used date' and drop that mac-address from my external DB.
Where do I find last used date mac-address from my aruba systems? in CPPM? in Airwave?
ps: Anyone using CPPM with external DB like me? I need to more and more information especially in compliance, please email me.
thank very much.
02-17-2015 07:14 PM
server and create a script that analyzes when a MAC address authenticates
and then remove it from your database. There is nothing inside of ClearPass
or the controllers that would do this for you as it's an external source.
02-17-2015 07:27 PM
Maybe external using from CPPM or controller is impossible, I will try monthly automatic backup/download from my Linux box from CPPM and Airwave using curl or another tool. It's enough to check in a month.
Many of compliance needs to expiring unused auth methods, I think 'backup of CPPM' (it's Postgress DB), has some last used mac address log. there is many tips_end~~~ view and table.
How about this scenario?
02-17-2015 07:31 PM
02-17-2015 07:56 PM
It's for management and security reason. The MAC address is very dynamic and massive.
Our office needs to sync mac-auth globally, then I made external DB for sync mac-address between offices. It's very simple and convinient
And If using endpoint repository everyone login in CPPM with administrative privileges. So I made view and insert DB system for our MAC-AUTH.
Is it possible to expiring unused mac-address with endpoins repository? Sorry, I'm not familiar CPPM operating environment, give me expiring unused macaddress best practice with endpoins?
May be I'll find some hints from that.