I have installed a cisco nac solution in inband virtual gateway and setup active directory sso.I also configured mapping rules based on attributes from the active directory ldap server and it is working
I have several organisationnal units (corresponding to roles in nac) in active directory.I want users to be mapped to these OU based on their logon attribute:
eg:When a user in finance OU (organisational unit in active directory) logs in he should, based on his login credentials, be mapped to the finance role in the nac. Is this possible?
I am now doing it with active directory groups but don't know if it is possible with OU.