Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

CPPM identity endpoint hostname

  • 1.  CPPM identity endpoint hostname

    Posted 13 days ago

    Hi

    I want to use the endpoint's "Hostname" column in an enforcement profile. What value should I type?

    Another question:

    If the client uses a static IP, can fingerprinting detect the hostname?

    Thanks.



  • 2.  RE: CPPM identity endpoint hostname

    EMPLOYEE
    Posted 13 days ago

    You'd be better off returning the username used in the actual authentication.  Getting the hostname from a device using a static IP address would require an active scanning method by ClearPass that can query for hostname.



    ------------------------------
    Carson Hulcher, ACEX#110
    ------------------------------



  • 3.  RE: CPPM identity endpoint hostname

    Posted 13 days ago

    Hi

    You should use this string to get the host name:

    %{Authorization:[Endpoints Repository]:Hostname}

    If the client has a static IP address I think ClearPass will only get the hostname if the device performs a machine authentication with 802.1x. So it must be a Windows computer performing computer authentication.

    If it's another type of client the authentication will be as a user authentication, and in this case the hostname will not be set.

    Another option is to have other profiling methods, and get additional information about the client.



    ------------------------------
    Best Regards
    Jonas Hammarbäck
    MVP Guru 2024, ACEX, ACDX #1600, ACCX #1335, ACX-Network Security, Aruba SME, ACMP, ACSA
    Aranya AB
    If you find my answer useful, consider giving kudos and/or mark as solution
    ------------------------------



  • 4.  RE: CPPM identity endpoint hostname

    Posted 6 days ago

    Hi 

    If that attribute is a space, how can a condition identify the space value?

    Thanks.




  • 5.  RE: CPPM identity endpoint hostname

    EMPLOYEE
    Posted 5 days ago

    You probably should do something like:

    Authorization:[Endpoints Repository] Hostname EXISTS => return profiles with use of hostname

    And/or NOT_EXISTS => return profile without hostname



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 6.  RE: CPPM identity endpoint hostname

    Posted 5 days ago

    Hi 

    I tried it, and it doesn't work.

    It can't hit the "Authorization:[Endpoints Repository] Hostname NOT_EXISTS" policies.

    It will identify the "Authorization:[Endpoints Repository] Hostname" attribute as existing, even if the value is empty.

    Thanks.




  • 7.  RE: CPPM identity endpoint hostname

    EMPLOYEE
    Posted 5 days ago

    Can you try 'Authorization:[Endpoints Repository] Hostname MATCHES_REGEX ..'?

    A regex of .. should match anything of two characters (or more). I can't test this easily, otherwise I would have checked. If .. doesn't work, you can try ..* (which means at least 2 characters, in case the regex needs to be a full line match).



    ------------------------------
    Herman Robers
    ------------------------------
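
The cases raised in posts 4 to 7 (attribute missing, empty, or whitespace-only) can be checked offline before changing a policy. This is an added example, not part of any poster's reply and not ClearPass code: it models EXISTS as post 6 reports it and runs the regexes from post 7 under both partial and full-line matching using Python's `re`. The sample hostnames and the third pattern `.*\S.*` are assumptions introduced here and are untested on ClearPass.

```python
import re

# Constructed sample endpoint values (not from the thread).
# None models an endpoint that has no Hostname attribute at all.
SAMPLES = {
    "missing": None,
    "empty": "",
    "one_space": " ",
    "two_spaces": "  ",
    "one_char": "A",
    "normal": "LAPTOP-01",
}

def exists(value):
    """EXISTS as reported in post 6: true when the attribute is present, even if empty."""
    return value is not None

def matches(pattern, value, full_line):
    """Model a MATCHES_REGEX condition under partial or full-line matching."""
    if value is None:
        return False
    fn = re.fullmatch if full_line else re.search
    return fn(pattern, value) is not None

def evaluate(pattern):
    """Return {sample_name: (partial_result, full_line_result)} for one pattern."""
    return {name: (matches(pattern, v, False), matches(pattern, v, True))
            for name, v in SAMPLES.items()}

# ".." and "..*" are the patterns suggested in post 7.
# ".*\S.*" is an alternative added here (assumption): it requires at least
# one non-whitespace character and reads the same in both matching modes.
PATTERNS = ["..", "..*", r".*\S.*"]

if __name__ == "__main__":
    for p in PATTERNS:
        print(f"pattern {p!r}")
        for name, (partial, full) in evaluate(p).items():
            present = exists(SAMPLES[name])
            print(f"  {name:<11} exists={present!s:<5} partial={partial!s:<5} full={full}")
```

In this model `..` and `..*` both reject an empty value, but they accept a two-space value and reject a one-character hostname, and `..` fails on longer hostnames if the match has to cover the full line.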