05-04-2007 07:28 AM - edited 02-21-2020 01:30 AM
Hi,
Can anybody confirm whether it is possible to assign Users to specific Vlans based on Active Directory attributes.
Cisco NAC 3100 Series devices will be deployed in the installation. At present no posture assessment is necessary, only Vlan assigment using AD username/password.
The documentation is unclear as to whether this can be achieved.
Thanks
Ian.
05-04-2007 07:44 AM
If you have ACS in place you can use that. I realize you did not mention that you did but wanted to throw that out as well.
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml
Please rate if this helps
05-04-2007 07:58 AM
Thanks for the reply.
Unfortunately the customer specifically wishes to use the NAC Servers for Vlan assisgnment based on AD attributes.
Next will come posture assessment etc.
I can find no documentation that verifies this is possible using NAC?.
Ian.
05-04-2007 09:35 AM
I know if you are doing a NAC appliance setup CAM/CAS you can map the OU from AD to a vlan.
Looks like you are using NAC framework which in that case I believe you would have to use the ACS.
05-04-2007 11:54 AM
Hi Ian:
Thanks for your question. Unfortunately, Your question is not related to the topic being covered, which is Physical Securtiy & Video Surveillance. Suggest to email directly with Cisco Support: tac@cisco.com
Hope that they will able to resolve your question. Best regards,
Hugo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide