Having a problem with my new ACS 5.0 installation.
I'm able to read the LDAP directory and see all needed groups.
But when I log on to a switch, my policy rule, which references an LDAP group, does not match; it always hits the default rule.
If I change the default rule to "allow", I'm able to log on.
Any ideas why my rule does not match?
About the directory:
1 group with about 15 users
Subject Objectclass: person
Subject Name Attribute: sAMAccountname
Group Objectclass: group
Group Map Attribute: memberOf
Group Objects Contain Reference to Subject
-> Subjects in Groups are Stored in Member Attribute As: distinguished name
Subject Search-base points to where the users are stored
Object Search-base points to where the groups are stored
No Username Domain Stripping