Security

Does ClearPass have a way to show if a profile, policy, identity, role… has been configured and used in a service or it is an orphan that can be deleted?

I know you could only delete a profile or policy… that has not been associated to a service, but it is still nice to know.

Thanks,

if you go into access tracker it will show you what roles and services were used. (screen shot 1). Also you can click the show configuration button is later 6.4 and 6.5 versions of clearpass and it will show you the full service in a new tab.

There are a couple feature requests in to allow remove and reporting on stale services, but is not available today 

“Show Configuration” is nice to have. I’ll use it more. Actually what I am looking for is kind of reverse look up.

Anyone has used the AOS command “show reference x y z,” you know how useful the command is. I would like to make a request/wish list for the same command in CPPM.

For instance, in this “Deny Access Role” if you can put a button “show reference” next to Export and Delete to list all services that this role is associated with.

Regards,

Sounds like a great feature request!