Security

Reply
Occasional Contributor II

Endpoint attribute tag

I am using an endpoint tag to update all endpoint with tag Corporate.

I can see this tag on each endpoint hitting the configured rule .

Is it possible to put a timer on this tag. So that it automatically gets deleted after few days ?

Also is it possible to replace this tag with another tag Corporatenew . I don't want to add two tags . Just want to replace one with another. Is it doable ?
MVP Guru

Re: Endpoint attribute tag

There is no attribute expiration built-in. What you could do is use a Time Source authorization server to put a timestamp as attribute next to the attribute itself with the desired expiration. Then during role-mapping (or even enforcement) you can check both the attribute and the timestamp, like: (Endpoint:Corporate exists) AND (Endpoint:CorporateExpire LESS THAN Time Source:Now).

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Occasional Contributor II

Re: Endpoint attribute tag

Hi Herman,

Thanks. Can you show the config screenshot please
Highlighted
MVP Guru

Re: Endpoint attribute tag

I don't have a screenshot for that as the above are just guidance on how you could do it. Your Aruba ClearPass should be able to assist you in building and testing this. 

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC (click for contact details).
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: