Hello
I have recently deployed clearpass + Self registration,
I have 2 services, one that allows the guest to create an account. which then updates the endpoint repository, and then for the duration of the day the user connects to the wireless network and is authenticated by mac address.
I have set the mac service so it is only considered valid if less than 12 hours old and is tied to a valid account.
The solution is also set up so that a user can only connect with 2 devices. (at one time)
The problem is once a user has connected and authenticated, and the devices added to the Endpoint database, they never seem to disappear / get deleted.
So a user comes in one day registers with a device, then logs in to their iphone etc (if they come back in the next day they can reregister and reconnect . (Cant reconnect without self registering - as per design)
But clearpass then never forgets/deletes the macs, so when they then come in a week later, and register/attempt to connect with another device they are seen as trying to register / connect a 3rd device and they constantly fail the authentication even though they only have one device on that day.
Is there a way of restricting a user to 2 devices, but on a per account/day basis.
What i seem to have working is a user is limited to two devices, but this then caches the same to devices forever more...
I guess i need to find a way of turning the host to an unknow device or deleting it with a users account expiry, but i am unsure how to do this.
Any help would be appreciated...