Dear all expert,
I'm implementing clearpass version 6.4.4 and my customer's requirement is use the same user account but get different user role when connect with computer and smartdevice. Such if user "aaa" in AD group "Tech" connect to wireless with computer , clearpass will return role to controller with "Tech" role. But if the same user "aaa" connect to wireless with smartdevice, clearpass will return role to controller with "MobileTech". This is work fine when i confiured it. However my customer give me more requirement that he want to limit user session , such user "aaa" connect with computer will be limited to 2 concurrent sessions. And at the same time , user "aaa" connect with smartdevice will be limited to 2 concurrent sessions too.
However if i use this insight attribute to limit.
select count(*) as sessions from radius_acct where (username = '%{Authentication:Username}') AND end_time is null AND termination_cause is null AND (updated_at BETWEEN (now() - interval '1 hour') AND now());
It will count from accounting stop per user. When i use this attribute combine to Role mapping or Enf prolicy , it will can't count by separate with device type too.
So how can i do it with above requirement?
Thanks ..