Security

last person joined: 9 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

CPPM Endpoint attribute allow multiple

Jump to Best Answer
  • 1.  CPPM Endpoint attribute allow multiple

    Posted Feb 25, 2020 06:12 PM
      |   view attached

    I am using [Last Known Location] default attribute in the endpoint database to store the last authenticated location for wireless and wired devices using appropriate NAS fields from RADIUS.  I want to include some sort of audit trail for wired devices as they move around campus, so I made a copy of this attribute in the dictionary and called it AllKnownLocations with Allow Multiple set to "Yes".

     

    I thought that this would cause new copies of the attribute to be created when it returned during authentication, but that is not how it is working...it is overwriting the last value just as it does for [Last Known Location].  Has anybody else done this?  Is Allow Multiple only for manual attribute changes?



  • 2.  RE: CPPM Endpoint attribute allow multiple

    Posted Feb 26, 2020 06:49 AM

    Dear, 

     

    Allow multiple is applicable for list type data type. Since Last known location is string, Allow multiple is not applicable



  • 3.  RE: CPPM Endpoint attribute allow multiple

    Posted Feb 26, 2020 09:58 AM

    No, this is not possible. This is really an NMS function.



  • 4.  RE: CPPM Endpoint attribute allow multiple

    Posted Feb 26, 2020 10:07 AM
    Dear Tim,

    Lets consider the scenario in which i want to add usernames to the
    endpoint. To know which user used a particular endpoint.

    I have tried but entity update couldn't do it.

    Whats the purpose and use case of allow multiple then?


  • 5.  RE: CPPM Endpoint attribute allow multiple
    Best Answer

    Posted Feb 26, 2020 03:50 PM

    Hello,

     

    The allow multiple will allow you to add multiple attributes that are entered manually or passed thorough an entity update (post auth update).  But when you update an allow multiple attribute with a single string, it will override the existing data with the new string and will not append the new string to the existing data.

     

    Allow multiple is meant for you to pass multiple strings/data through an update and not to insert a new string with the existing data. I hope this clears the usage.

    You should consider using an NMS or export authentication logs (Syslog log) to an external server for tracking. Insight reporting may also help.

     

     



  • 6.  RE: CPPM Endpoint attribute allow multiple

    Posted Feb 26, 2020 09:26 PM
    Thanks Saravanan,

    That makes sense. Is there any usecase which you can share in which we are
    able to pass multiple values for entity update?