Hi everyone,
We are new to Clearpass and are in the middle of building out our profiles. We have user roles in the controllers that are specific to the building where they are used. This is basically to limit buildings from talking to other buildings in the network (We do not have a firewall in each building to do this for us). Because of this, we have to build out a Service profile for each building, which will be over 200 profiles.
Someone made a suggestion the other day that if I could use a variable to select an enforcement profile or user role, it would solve my issues. The closest one I could see is the AP Group. All buildings have an unique AP group that has the name in the beginning. If I could somehow within the enforcement policy or profile define something like this
"%{{Radius:Aruba:Aruba-AP-Group}-"-WiFi_Group"}-employee
Basically taking the AP Group, truncating the end of it and attaching "-employee" at the end. It would make life easier.
Any opinions or suggestions?