im trying to do someting really simple and is a mac authentication iwth clearpass
If the user has the mac on the endpoint repository with device type staff its good
if the endpoint does not have this devicetype staff, it would get the default policy which is deny access
i see on the clearpass that is doing what it should, if it has the device type it authenticating if he does not have it it give it the deny profile and rejecting it
But in the controller i see the user connect even if the clearpass send it a deny profile and i dont get whtas wrong on it.
On the controller is getting the initial role
Here is the service