06-03-2015 07:05 AM
Has anyone else seen this
When creating services/Auth Sources/Role Mappings/Enforcement Policies I always include a "last changed" date in the name. If I make a change to it I change the date. As I do all my service dev work on a dev server and then port it to my production server it means I can easily see which item needs updating because the date is there. I can't just backup the config from my dev server and restore it on the prodn one because the dev server has all sorts of other playtoy things on it.
Usually, when I change the name of something everywhre its used gets updated to the new name, which is fine. Hoever, I've just noticed that this hasn't happened in one of my enforcement policies I have a condition that says
Authorization:get_mac_info - 010315:managedDevice Equals 1
This is a mysql query that checks whether a client mac address is defined as being a managed device.When I updated the authorization source to be "get_mac_info - 010615" this enforcement policy condition didn't update, it was still .....010315 .... which meant the condition failed and the enforcement policy used the defaulkt profile.
Is this a bug?
I've modified the Enforcement Policy by adding a Role mapping for the get_mac_info ... to a Role of UoY Managed Device and then checking for the existence of the Role in th enforcement policy