AD query results are cached for a period of time; check the AD auth source for what your particular setup is configured for.
------------------------------
Carson Hulcher, ACEX#110
------------------------------
Original Message:
Sent: Mar 25, 2024 08:12 PM
From: ajorigenes17
Subject: ClearPass AD Policy unable to fetch new users policy
Hello, I just want to confirm whether there is a misconfiguration on my end. I have ClearPass and am able to join the domain to CPPM. Under my Microsoft AD, User 1 is a member of BYOD_DEVICE, and as a result the user is able to log in to the BYOD device using AD credentials.
Now, here's what I don't understand. I removed User 1 as a member of the BYOD_DEVICE group under Microsoft AD, so when User 1 tries to authenticate using the BYOD device, ClearPass will reject the user since User 1 is no longer part of the BYOD_DEVICE group. But what happens is that after I remove User 1 from the BYOD_DEVICE group, User 1 is still able to authenticate using the BYOD device, and upon checking the ClearPass Access Tracker, the BYOD role and policy are still triggered. Is there a way that the policy that I already applied to my user AD groups will automatically update and fetch the new policy under my CPPM?