Dell PowerConnect W Clearpass 100 Software Auto Create MAC Auth Account (Authe - Page 24

Appendix - Limiting Paired Devices

Get Dell PowerConnect W Clearpass 100 Software PDF manuals and user guides View all Dell PowerConnect W Clearpass 100 Software manuals
Add to My Manuals
Save this manual to your list of manuals

Page 24 highlights

5 Appendix - Limiting Paired Devices It may be desired to limit the number of MAC devices that are created and tied to a single user account. This can be accomplished with a change to the role expression. return ( ($MAX_MAC_ACCOUNTS = 2) && (NwaRadiusLocalServer()->GetUserCount(array( 'sponsor_name' => strtolower(GetAttr('User-Name')), 'delete_time' => 0, 'mac_auth' => 1) ) >= $MAX_MAC_ACCOUNTS) ? (AccessReject() && 0) : 1 ) && empty($user['mac_auth']) && NwaDynamicLoad('NwaCreateUser') && NwaDynamicLoad('NwaNormalizeMacAddress') && ($mac=NwaNormalizeMacAddress(GetAttr('Calling-Station-Id'))) && ((!empty($user['id']) && NwaCreateUser(array( 'creator_accept_terms'=>1, 'mac'=>$mac, 'mac_auth'=>1, 'role_id'=>5, 'visitor_name'=>$user['username'], 'sponsor_name'=>strtolower($user['username']), 'mac_auth_pair'=>$user['id'], 'auto_update_account'=>1))) || (empty($user['id']) && NwaCreateUser(array( 'creator_accept_terms'=>1, 'role_id'=>5, 'mac'=>$mac, 'mac_auth'=>1, 'visitor_name'=>$user['username'], 'sponsor_name'=>strtolower(GetAttr('User-Name')), 'modify_expire_time'=>'today 17:00', 'do_expire'=>4, 'auto_update_account'=>1))) ) && 0; Annotated: return // A logical block to put our expression. ( // Number of devices per user allowed. ($MAX_MAC_ACCOUNTS = 2) // Search for existing accounts. 24| Auto Create MAC Account Amigopod |Technical Note

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
24
| Auto Create MAC Account
Amigopod
|Technical Note
5
Appendix – Limiting Paired Devices
It may be desired to limit the number of MAC devices that are created and tied to a single user
account.
This can be accomplished with a change to the role expression.
return
(
(
$MAX_MAC_ACCOUNTS
=
2
)
&&
(
NwaRadiusLocalServer
()
->
GetUserCount
(
array
(
'sponsor_name'
=>
strtolower
(
GetAttr
(
'User-Name'
))
,
'delete_time'
=>
0
,
'mac_auth'
=>
1
)
)
>=
$MAX_MAC_ACCOUNTS
)
?
(
AccessReject
()
&&
0
)
:
1
)
&&
empty
(
$user
[
'mac_auth'
])
&&
NwaDynamicLoad
(
'NwaCreateUser'
)
&&
NwaDynamicLoad
(
'NwaNormalizeMacAddress'
)
&&
(
$mac
=
NwaNormalizeMacAddress
(
GetAttr
(
'Calling-Station-Id'
)))
&&
((
!
empty
(
$user
[
'id'
])
&&
NwaCreateUser
(
array
(
'creator_accept_terms'
=>
1
,
'mac'
=>
$mac
,
'mac_auth'
=>
1
,
'role_id'
=>
5
,
'visitor_name'
=>
$user
[
'username'
]
,
'sponsor_name'
=>
strtolower
(
$user
[
'username'
])
,
'mac_auth_pair'
=>
$user
[
'id'
]
,
'auto_update_account'
=>
1
)))
||
(
empty
(
$user
[
'id'
])
&&
NwaCreateUser
(
array
(
'creator_accept_terms'
=>
1
,
'role_id'
=>
5
,
'mac'
=>
$mac
,
'mac_auth'
=>
1
,
'visitor_name'
=>
$user
[
'username'
]
,
'sponsor_name'
=>
strtolower
(
GetAttr
(
'User-Name'
))
,
'modify_expire_time'
=>
'today 17:00'
,
'do_expire'
=>
4
,
'auto_update_account'
=>
1
)))
)
&&
0
;
Annotated:
return
// A logical block to put our expression.
(
// Number of devices per user allowed.
(
$MAX_MAC_ACCOUNTS
=
2
)
// Search for existing accounts.