06-03-2016 08:00 AM
Requirement: User first time connects to the network, and gets registered with the same device. Now the user should not be able to authenticate himself from other device until someone clear the registered device of the respective user from CPPM manually.
Can it be done ?
06-03-2016 08:03 AM
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
06-03-2016 08:06 AM
Or the better (Insight) different way here: http://community.arubanetworks.com/t5/Controller-B
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
06-07-2016 11:10 PM
I am going to use the insight method,
So far I got this,
1st time user1 is loggin in from device1 > authenticated.
2nd time user1 is logging in form device2 > denied. Which is fine.
But if the user2 is logging in from device1 (user1 already logged in from device1) > authenticated (I want this to be denied).
This is what I dont want, once a user1 log in from a device1 it would get register for that particular user. Other user (user2) should not be able to login from that device (device1).
Also how many days insight repository will cache the auth session details.
06-08-2016 02:19 AM
But different users can still log in from same device. How to block them ?
06-08-2016 02:51 AM
Not sure if it is the best possible way to do this, but you could simply save the username with the endpoint on the first authentication, then simply compare new usernames to what you saved with that endpoint.
-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.