Security

Reply
Highlighted

Deletion of clearpass guest accounts

Been revisiting setting up a basic clearpass guest service whare a visitor has time-limited access to a guest portal based service.

 

When I did this about 5 years ago i could delete an account after it expired so if the user tried to re register things would "just work"

 

AFAIK this has now been depreciated in favor of a Policy Manager global setting for clearing out guest users. Unfortunately the minimum deletion period is 1 day

 

So ....

 

User registers for visitor access at 9am ( iinitial login, subsequent mac caching)

System grants them  2 hours access

11am account expires

User then wants to connect again  ..

... but can;t because account has expired ( not deleted)

cronjob (?) purges their account  i assume at  main period ~2am ish

 

If the above is correct , why the depreciation  of user account deletion at expiry time in favour of a global setting thast can only run once a day minimum?

 

A

 

 


Accepted Solutions
Highlighted
Aruba Employee

Re: Deletion of clearpass guest accounts

So you want the guest user to be able to register again with the same account after its account expired?

Why not try to use auto_update_account

https://www.arubanetworks.com/techdocs/ClearPass/6.7/Guest/Default.htm#Configuration/BusinessLogicForAccountCreation.htm?Highlight=auto_update_account

View solution in original post


All Replies
Highlighted
Aruba Employee

Re: Deletion of clearpass guest accounts

So you want the guest user to be able to register again with the same account after its account expired?

Why not try to use auto_update_account

https://www.arubanetworks.com/techdocs/ClearPass/6.7/Guest/Default.htm#Configuration/BusinessLogicForAccountCreation.htm?Highlight=auto_update_account

View solution in original post

Highlighted

Re: Deletion of clearpass guest accounts

Because didn't know it existed. Many thanks for that, I'll go have a play

 

Rgds

Alex

 

Highlighted

Re: Deletion of clearpass guest accounts

Ah! in fact its enabled by default when you use the template to create a guest user account ..

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: