Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
132
Views
2
Helpful
2
Replies

Creating Custom Attribute for Dynamic Reauthorization Scheduler

rezaalikhani
VIP
VIP

‎06-30-2025 12:31 AM

Hi everyone,

As you may be aware, Cisco ISE 3.4 Patch 1 introduces the Dynamic Reauthorization Scheduler feature. To implement this, we need to:

  1. Define a string attribute in the format: YYYY-MM-DDThh:mm:ss+timezone (e.g., 2024-12-31T23:59:59+00:00).

  2. Reference this attribute in the corresponding Authorization Profile.

My question: Could someone please guide me on how to create this custom attribute in ISE?

Any insights or documentation references would be greatly appreciated!

Thanks

2 Replies 2

Arne Bier
VIP
VIP

‎06-30-2025 04:09 PM

I had a play with this and gave up after a few hours of guessing my way around. The documentation is not helpful at all.

I tried creating a User dictionary item, with a static value of a certain cut off point.

ArneBier_0-1751324769868.png

Then apply this to the AuthZ Result

ArneBier_1-1751324833040.png

I have had varying luck with this - either ISE tells me it can't find the Authorization Profile (because of this change I made above), or it says this

ArneBier_2-1751324896800.png

Either way, this is the most arcane method of specifying a dynamic authorization .. can't Cisco think of something more user friendly? Or at least, document things properly?

 

 

rezaalikhani
VIP
VIP

‎06-30-2025 11:08 PM

@Arne Bier I think adding tones of new features without good documentation to implement them properly, is useless...

0 Helpful
Customers Also Viewed These Support Documents