Security

I want mac caching for 'vip' users lasts 90 days. But every 30 days 'vips' have to reauthenticate via capitve portal.

The Service logs following error:

Code 206

Failed to get value for attributes=[Days-Since-Auth]

In Endpoint DB the client is found, as shown in my screen shots.

I don't know where the value of 30 days is configured?

Does the cleanup interval of the endpoint database does have impact on it?

Please have a look at my screenshots.

Check your Insight config under https://<cppmIP>/insight/admin

Database Retention on mine is set to 30 days

_ELiasz

Ok the value in insight is set to 30. I changed it.

Does it have effekt on the endpoint database?

Or is authentication date taken from the insight database?

Hi

    1. Ensure your insightDB is enable

    2. It（“days_since_auth") works in clearpass as follows

SELECT FLOOR((EXTRACT(EPOCH FROM (NOW() - timestamp)))/86400)::integer AS days_since_auth FROM auth WHERE auth.timestamp < NOW() AND auth.error_code = 0 AND auth.username = '%{Endpoint:Username}' AND auth.mac = '%{Connection:Client-Mac-Address-NoDelim}' AND auth.auth_status != 'MAB' ORDER BY timestamp DESC LIMIT 1

          As we know clearpass search "days_since_auth" need %{Endpoint:Username} , so make sure you cached user's username in Mac Caching Profile ,like this: