Frequent Contributor II

Guest Endpoint cleanup



I've set guest account cleanup to 30days after expiry.

But I just noticed that their endpoints are sill kept in clearpass. I would like to clearnup those and remove them. They are set to status known since we use mac-caching.


But I don't want to remove known endpoints that actually use mac-auth for other stuff and are still active. So I guess I cannot use known endpoint clean up since that would remove also those devices.


I found another forum thread that was using a script and clearpass API for this. 


Is this the only valid solution right now ? Seems like somthing most people would like to do, remove old guest endpoints.

Guest Blogger

Re: Guest Endpoint cleanup

Your assumption is correct as far as I know. There is no option to only remove "known guest endpoints" in ClearPass. Creating a script to filter endpoints with the Guest ID attribute (write the ID to endpoint db) and remove those endpoints, is a valid scenario (for now).


@rene_booches | AMFX #26, ACMX #438, ACCX #725, ACDX #760, CCNP R&S, CEH | Co-owner/Solution Specialist@4IP / blog
Frequent Contributor II

Re: Guest Endpoint cleanup

ok, thanks just wanted to verify. Will write a script to do this.

Search Airheads
Showing results for 
Search instead for 
Did you mean: