Placing clients in untrusted after log off of AS SSO

Answered Question
May 21st, 2010

I have a L3 OOB NAC deployment with AD SSO. Users are mapped to different roles depending on OU membership and then to different VLANs. What happens is that if a user with a certain role logs on to a client and is palced in his VLAN, say VLAN10, and then logs off the PC, the PC stays in VLAN10.

Another user from a different role now comes along and logs onto that same PC stays in that same VLAN, but really needs to move to another VLAN because he/she has a different role.

If the system is rebooted then everything works fine as the SNMP linkdown trap is sent to the NAM.

How can I cause the clients using AD SSO change the role of the port to unauthenticated when they log off the system? I know that this can work with in-band but i don't know if it can be done with OOB.

I have this problem too.
0 votes
Correct Answer by Faisal Sehbai about 6 years 8 months ago

Sachin,

OOB Logoff feature is coming in 4.8, due out in late summer. Currently what you're looking to do can't be done.

HTH,

Faisal

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Faisal Sehbai Fri, 05/21/2010 - 19:17

Sachin,

OOB Logoff feature is coming in 4.8, due out in late summer. Currently what you're looking to do can't be done.

HTH,

Faisal

Actions

This Discussion