04-12-2016 05:22 AM
Hello,
customer wants to use ISE Guest Portal to authenticate contractors. They want to use the feature
'automatically register guest devices' to not run into the timeout when the notebook gets closed, which they are seeing today on the WLC Guest Portal doing the same thing.
Backend directory is ldap with account deactivation after a day or also after an week.
How does the authorization takes place on ISE when the MAC Address is not purged for a month, is the deactivated account on ldap considered by any means.
Fact is, they don't want to reauthenticate on the guest portal but they don't want to let the contractor in once the contractor credentials got deactivated on ldap.
Any comments are welcome.
Regards
Wolfgang
Solved! Go to Solution.
04-12-2016 05:37 AM
Once you register and base authorization off mac address you have lost visibility of the ldap account
the only way to tie an expiration of an account to a MAC address is to use guest accounts as when the guest account expires the portal user id is removed from the endpoint which is also removed from the endpoint group and would be the required to go back through the web auth portal
04-12-2016 05:37 AM
Once you register and base authorization off mac address you have lost visibility of the ldap account
the only way to tie an expiration of an account to a MAC address is to use guest accounts as when the guest account expires the portal user id is removed from the endpoint which is also removed from the endpoint group and would be the required to go back through the web auth portal
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide