Timeout parameters for unauthenticated user authentication table entries

You can configure separate timeout values for invalid user authentication table entries. User entries for both active directory and Aruba ClearPass contain a timeout value after which the entry expires. When an invalid entry is created for an unauthenticated user attempting to log in, the current timeout value, which applies to all entries, applies to it. Active directory probes the unauthenticated user's workstation for identity information. The device queries ClearPass for the authentication information. While the probe or query is taking place, the timeout value for the invalid user entry is counting down. To ensure that an invalid user entry does not expire during this period, this feature introduces new timeout parameters specifically for invalid user entries. Because they are separate features, individual entries are defined for Aruba ClearPass and for active directory. The active directory authentication table is a repository for both integrated user firewall and captive portal authentication.