Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
342
Views
0
Helpful
1
Replies

Selfregistration Portal user get bound to Endpoint

Go to solution
ll1
Level 1
Level 1

‎02-13-2019 01:35 AM - edited ‎03-11-2019 01:55 AM

Hello Community

For our Customer we have build a self-registration portal. Where the Guest is using his Phine Number as username (java script).

We have Build an Authentication and Authorization rule for known Guest (Remember Me) where the guest once registered dont have to enter the user credentials again. Purge policy for the RegisteredDevice is set to 90Days. Guest can register up to 5 devices the credentials are valid for 1Days and will be purged in the morning. Exactly here is the Problem, as soon the Credentials are purged the Guest Device will not be treated as a known Guest and get redirected to the login page.

 

We have to delete the guest credentials once expired for the following usecase: Guest delete the SMS with the Password. Create new login credentials is not possible with the same Phone Number (already exist). Attach a random number on the end is not a option for the customer.

 

Resend the Password over the Sponsor Portal is also not possible. Our ISE is used for Multiple Customer in that case we are not able to give customer admin right's.

 

Our Setup:

Cissco ISE 1.4p5

Cisco WLC 8.3.133.0

 

My Questions:

1. Is that correct that User are bound to the Endpoint and once deleted the User Remember ME is not working?

2. Its there a way for a Sponsor without Admin right to resend the Password for a user.
3. any suggestion or improvements?

 

thank you for help

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎02-13-2019 08:36 AM

I am having a problem following.

Yes when the credentials are purged the endpoint portal user id is removed and the device is likely not able to access the same way.

The sponsor doesn't need admin rights. Are you saying ALL_ACCOUNTS?

Also please get off 1.4 :) move to at least 2.2.

Please PM me and we can discuss as well

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Jason Kunst
Cisco Employee
Cisco Employee

‎02-13-2019 08:36 AM

I am having a problem following.

Yes when the credentials are purged the endpoint portal user id is removed and the device is likely not able to access the same way.

The sponsor doesn't need admin rights. Are you saying ALL_ACCOUNTS?

Also please get off 1.4 :) move to at least 2.2.

Please PM me and we can discuss as well
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents