Date Limiting a User / ISE Date Format

DAVID NOONAN · ‎12-21-2015

Just rolled out .1x for employees and the very next week someone brings in a contractor. They're not in LDAP so I'm planning to creating a user internal to ISE but I'd like to set a date limit on their access rather than trust someone to come back and disable them later.

They'll need internal access or I'd add a guest account with a time limit.

What's the best way to go about this?

I found the Session:CurrentDate attribute and I assume I could use that in an authorization policy if I knew what date format it wants. After playing with it a bit I almost think it wants to add multiple attributes, one for day, one of month and one for year.

What I'd prefer to a hard date would be "30 days from X" but I suspect that won't be possible.

Thanks

DAVID NOONAN · ‎12-22-2015

Ended up finding my own answer.

Under Policy > Policy Elements > Common there's a Time and Date section. You can use this to build conditions based on day of week, date range, etc.

nspasov · ‎12-23-2015

David, good job on finding a solution to your own problem! I had the thread marked to comment on but have been busy :) Also, thank you for taking the time to come back and share the solution with everyone here (+5 from me!)

Now, if your issue is resolved, you should mark the thread as "answered" :)

DAVID NOONAN · ‎01-05-2016

I don't see where to mark it answered. I see a Correct Answer button on your reply but not one on mine and I don't see an answered option anywhere else.