Hi
In a customer environment with ClearPass MAC addresses have been added to do role mappings in several ways.
- Endpoints database with a custom attribute
- OUI in the role mapping policy
- Devices with a role in ClearPass Guest
Everyting is working fine and devices get the correct roles based on the different taggings.
But would it be possible to create a page to search for a MAC address en get the resulting role sent back to the user. This way also users who doesn't need access to manage the mac addresses can do a lookup.
Would this work:
A web login page where the user submit a MAC address instead of a username. This is processed as a web logon with the same role mapping policy as the normal MAC authentication and the resulting role is displayed to the user, or an message that the address wasn't found.
If it works, how do I implement it?
Jonas Hammarbäck | Aranya AB
ACMP, ACCP