I have implemented Cisco NAC for remote VPN users. As part of this they go through 3 checks:
1. Antivirus installation check
2. Antivirus definition check
3. File check
I have configured the definition check to remediate via internal update servers if 30 days or more out of date.
The issue I'm seeing is that the end user recieves the following Cisco Agent error during the remediation process (while in the temporary role):
"The remediation you are attempting is reporting an access denied error. This is usually due to a privilege issue. Please contact your system administrator."
The definition update happens in the background though (I have allowed the required access through the NAC server) and once complete places the user in the correct role. Therefore It's no so much an issue, just a misleading message displayed to the user.
Has anyone seen this before or know where this is configure?