Guys,
One of the reasons we bought clearpass was to allow our staff to self register their "employee owned" devices. In this case, we don't purchase mobile phones or tablet for the staff, but allow them to use their devices.
Our understanding (i.e sales pitch) from Aruba was that we would be able to limit our staff to registering one iphone and one ipad per employee. The reason for this was employees would regularly purchase new phones and not tell us about it, and just join them to our staff wifi network (leaving the old one credentialed as well). :(
To get around that, we started manually entering mac addresses into the internal database of the Aruba controller so that the staff would at least have to bring us their new devices before they could get on the network. Functional, but a headache for IT staff.
The goal for clearpass was to have staff go to a portal page and register their own devices... All of this is working BUT we can't seem to find a way to limit it to one iPhone and one iPad. It seems to see them both as iOS devices and makes no distinction, which really defeats the purpose if someone can add their old AND new iphone to the system.
Any ideas on how to make this work?