NAC and Active directory users

Unanswered Question
Jan 8th, 2008
User Badges:

Dear All,

I have implemented NAC on my campus.

but there is a big problem,

my users have to refresh their Ip addresses when the NAC changes their VLans.but they have not enough permission for releasing their Ip address and renew it,

any idea?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
srue Wed, 01/09/2008 - 06:50
User Badges:
  • Blue, 1500 points or more

i don't know if there is a 'cisco' solution, but in windows just edit their group policy in AD and give them permissions to change their network settings.

davemit Wed, 02/20/2008 - 06:14
User Badges:

The CCA Stub will enable users without admin rights to renew their IP automatically. I just ran into this issue in our OOB deployment.

- Dave

pplsi Thu, 02/21/2008 - 13:15
User Badges:

Unless they have changed it the stub just lets the updates run without admin rights. It is easiest to just give them right to release and renew.

However, we weren't allowed to do that and had to resort to using devcon.exe from Microsoft.

cleidh_mor Tue, 02/26/2008 - 09:06
User Badges:

There's an option to bounce the port when a user gets logged in. As long as the users aren't plugged into an IP phone, that might be an option.

The other option is to allow non-authenticated clients to get a DHCP address from the normal range, meaning that the VLAN change won't affect them.


This Discussion