New Contributor

Access Tracker "REJECT" Reason and visability - Unique Device Count


As an cppm administrator daily business has to be simplified where ever possible.
There are many reasons why an user access is rejected. One of them can be "Unique-Device-Count reached".

If you are working with the "Unique-Device-Count" and the limit is reached, the output in the Access Tracker looks like "Output: Enforcement Profiles: [Deny Access Profile]".

If you want it more specific the solution can look like this:
1. Copy the system defined Enforcement Profile "[Deny Access Profile]"
2. Adjust the name of the profile. For example --Deny Unique Device Count--"
3. Due to behavior of CPPM choose "Radius:Aruba Aruba-User-Role = deny" as Attribute
4. Make sure the Action of the new Profile is still "Reject"
5. Replace the old [Deny Access Profile] with the new one in your Enforcement Policies -> Rules -> Actions

Your Access Tracker entry for rejected users who reached the device limit should look like this now:
Summary: Enforcement Profiles: --Deny Unique Device Count--

If you find this solution useful or want to add something, please let me know.

Guru Elite

Re: Access Tracker "REJECT" Reason and visability - Unique Device Count

You should never put anything in brackets.

Brackets mean it was an out of box/stock element.

| Tim Cappalli | Aruba Security | @timcappalli | |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
New Contributor

Re: Access Tracker "REJECT" Reason and visability - Unique Device Count

Hi cappalli!
Thank you very much for your hint!
I've edited the post obove for further use.

Search Airheads
Showing results for 
Search instead for 
Did you mean: