ACS 5.1 - Allocate vlan to port based on group nam in ldap

Unanswered Question
Aug 17th, 2010
User Badges:


In my 802.1X environment, I have pc's that authenticate with machine certificates against ACS5.1. This works fine.

Now I want to allocate the vlan number based on the group in ldap.

My ldap connection is working fine, and I have configured an extra attribute 'memberOf', so I can use it int the Access Policies.

I have tried with 2 Access Service Authorization rules for 802.1X service, that says:

- memberOf=OU=Groupname, dc=domain,dc=com

- memberOf=Groupname

However, both rules are not hit, while the group name does exist in the ldap attributes

Can you advice how to configure the authorization rule ?

thx Karien

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion