Occasionally it can be really useful to change the guest's expiry based on PolicyManager logic. I've noticed that on 6.9.x the PolicyManager now has direct access to the guest attributes - except for the expiry-time. Theoretically from PolicyManager during a guest registration you can update the guest account's expiry using a Post_Authentication Profile Expire-Time-Update:GuestUser = <minutes>. Hence, setting this to 10 would make the account expire in 10 minutes. But it only seems to work if the time period does not exceed the guest's original expiry time. This makes it almost useless.
An alternative approach is to use create a Context Server Actions with a Generic HTTP Context Server. This can be used to initiate a RESTful API call into ClearPass:
Where the "expire_time" is the number of seconds from the Unix epoch.
This is called from an HTTP Profile:
Hope this is of interest.
------------------------------
Derin Mellor
------------------------------