Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Get all clients in a group policy

Solved
cmtk
Conversationalist
‎Apr 11 2020 7:49 PM
‎Apr 11 2020 7:49 PM

Get all clients in a group policy

Hello! What is the best way to get a list of all clients in a group policy? Or alternatively the group policy of all clients?

I've tried a couple things, but haven't found a great way to do this.

 

While Get Network Clients shows the 802.1x policies groupPolicy8021x if available (curiously, Get Network Client does not), neither include the Meraki group policy.

 

It appears the only way to get a client's group policy is to use Get Network Client Policy, which gives a Meraki groupPolicyId. However, this is a single-client endpoint, so I'd have to iterate and request that for each and every client in the network. For a network with 1500 clients in the timeframe, and the (reasonable) 5 requests per second rate limit, this would take about 5 minutes.

 

Is there a better way to do this?

 

If not, a question for the API team:

What is the feasibility of adding groupPolicyId to the GetNetworkClient/s endpoints?
Also, not as sure about this, but perhaps Get Network Group Policy could include an array of client IDs?

This would help with a couple previous posts as well:
Meraki API Noob - Adding a client to a group policy in multiple MR networks - Please help!

Apply device policy across multiple networks

Labels:
0 Kudos
Subscribe
1 Accepted Solution
chengineer
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Apr 13 2020 12:52 PM
‎Apr 13 2020 12:52 PM

Hi @cmtk, you're correct: there's not a direct way to do this currently and we are investigating adding this feature later. What can be done today is to iterate over the clients (as you mentioned) if there are known group policies assigned, and then keep track of those changes (along with using webhooks for any possible policy assignments made via dashboard UI) so that the process does not have to be repeated every so often.

Solutions Architect @ Cisco Meraki | API & Developer Ecosystem

View solution in original post

0 Kudos
Subscribe
3 Replies 3
chengineer
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Apr 13 2020 12:52 PM
‎Apr 13 2020 12:52 PM

Hi @cmtk, you're correct: there's not a direct way to do this currently and we are investigating adding this feature later. What can be done today is to iterate over the clients (as you mentioned) if there are known group policies assigned, and then keep track of those changes (along with using webhooks for any possible policy assignments made via dashboard UI) so that the process does not have to be repeated every so often.

Solutions Architect @ Cisco Meraki | API & Developer Ecosystem
0 Kudos
Subscribe
In response to chengineer
cmtk
Conversationalist
‎Apr 13 2020 1:42 PM
‎Apr 13 2020 1:42 PM

Thanks @chengineer! I was thinking about using webhooks or the Change log endpoint as well.

I look forward to those (potential) future feature updates.

0 Kudos
Subscribe
Ilya_Kisel
Here to help
‎Mar 2 2023 11:12 PM
‎Mar 2 2023 11:12 PM

The best solution is:

1) Fetch all clients via GET /networks/{networkId}/clients|
2) Put the fetched clients into a hashtable (Map) with client.id as a key and client as a value.

3) Fetch all clients with group policies via GET /networks/{networkId}/policies/byClient 
4) Match clients with policies to clients by client.id, using the Map from step 2.

In the end, you will have all clients with their corresponding group policies collected in 2 requests to Meraki API.
Both getClients and getNetworkPoliciesByClient requests support pagination with page size up to 1000.

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.