I need some help setting up MAC Caching in Clearpass for our Captive Portal authenticated SSID that is used to provide BYOD access for our Students.
I am using our Active Directory as the Authentication Source rather that the TIPS Guest user database.
I have managed to get everything to work but the authentication for the cached MAC address.
It looks to me like an Authorization problem rather that an Authentication problem as the MAC address is found and authenticated but there is no value found for the endpoint username.
It looks like the WEB_Login MAC-GUEST-Check is either not being properly updated or referenced. The Request Detail shows an alert #206. “Failed to get value for attributes=[UserName].
When I examine the MAC-GUEST-CHECK Authorization source there is a filter to set the UserName. The query for the filter is
SELECT user_id as guest_device_user FROM tips_guest_users WHERE ((guest_type = 'USER') AND (user_id = '%{Endpoint:Username}') AND (app_name != 'Onboard') AND (enabled = 't') AND ((expire_time is null) OR (expire_time > CURRENT_TIMESTAMP)))
I Think I need to edit this filter query so that it looks in the Active Directory as opposed to tips_guest_users but I am not sure how to structure the filter.