Security

I am using [Last Known Location] default attribute in the endpoint database to store the last authenticated location for wireless and wired devices using appropriate NAS fields from RADIUS.  I want to include some sort of audit trail for wired devices as they move around campus, so I made a copy of this attribute in the dictionary and called it AllKnownLocations with Allow Multiple set to "Yes".

 

I thought that this would cause new copies of the attribute to be created when it returned during authentication, but that is not how it is working...it is overwriting the last value just as it does for [Last Known Location].  Has anybody else done this?  Is Allow Multiple only for manual attribute changes?

Dear, 

 

Allow multiple is applicable for list type data type. Since Last known location is string, Allow multiple is not applicable

No, this is not possible. This is really an NMS function.

Dear Tim,

Lets consider the scenario in which i want to add usernames to the
endpoint. To know which user used a particular endpoint.

I have tried but entity update couldn't do it.

Whats the purpose and use case of allow multiple then?

Hello,

 

The allow multiple will allow you to add multiple attributes that are entered manually or passed thorough an entity update (post auth update).  But when you update an allow multiple attribute with a single string, it will override the existing data with the new string and will not append the new string to the existing data.

 

Allow multiple is meant for you to pass multiple strings/data through an update and not to insert a new string with the existing data. I hope this clears the usage.

You should consider using an NMS or export authentication logs (Syslog log) to an external server for tracking. Insight reporting may also help.

 

 

Thanks Saravanan,

That makes sense. Is there any usecase which you can share in which we are
able to pass multiple values for entity update?