When user login and authenticate through ACS they are dropped into the Group:Default instead of the group that I created for them.
I have added wireless to our environment, I want to take advantage of using Radius and 802.1x to authenticate the wireless users.
Here's my goal, I want the "WiFi-Admin" group mapped to the Windows Active Director group "Administrators" and assign this group to vlan "Vlan604".
So I did the following:
1. Created ACS Group:WiFI-Admin
2. Assigned the Cisco Airespace Radius Attribute: [14179\005] Aire-Interface-Name = vlan604
3. Went to External User Database> Database Group Mapping> selected my Active Directory, and assigned the "Administrator" group to the ACS Group: "WiFi-Admin".
Authentication is passed.
User are mapped to the correct Vlan and Subnet.
But.. they do not show up in that group. but instead show up in the Group: Default
I did find a workaround, in the cisco wiki case # K36044078 and applied it but then that fail. user could not authenticate and could not connect wirelessly.
any help would be much appreciated.